last executing test programs: 4m24.879333246s ago: executing program 2 (id=1309): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) getrlimit$auto(0x3, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ram1\x00', 0x6281, 0x0) ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x6, 0x40009, 0xe2, 0xc3b, 0x7, 0x28004) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0) ioctl$auto_BLKFLSBUF(r3, 0x1261, 0x0) lseek$auto(0x3, 0xffffffffff800002, 0x10) ioctl$auto_BLKFLSBUF(r3, 0x1261, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8) unshare$auto(0x40000080) write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000000)="b2", 0x1) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1) r4 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) r5 = ioctl$auto_SIOCGIFHWADDR2(0xffffffffffffffff, 0x8927, &(0x7f00000000c0)="e854bccc05f0c00b21a612e9") ioctl$auto(r4, 0x40044620, r5) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/apparmor/parameters/lock_policy\x00', 0x82, 0x0) sendfile$auto(r6, r6, 0x0, 0x5) getsockopt$auto_SO_MAX_PACING_RATE(r4, 0x87, 0x2f, &(0x7f0000000040)='&-\x00', &(0x7f0000000080)=0x1c) 4m23.625644478s ago: executing program 2 (id=1316): rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x4, 0x6, 0x2}, 0x8000, 0x0, 0x6) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x0) socket(0xa, 0x1, 0x84) close_range$auto(0x2, 0x8, 0x0) socket(0xf, 0xe, 0x1) getdents$auto(0xffffffffffffffff, 0x0, 0x400018) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0xe0002, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_nsim_dev_max_vfs_fops_dev(0xffffffffffffff9c, 0x0, 0x10000, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r0 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r0, 0x107, 0x1, 0x0, 0x8004) r1 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0xa, 0x3, 0xc, 0x5, 0x0, 0x3, 0x6, 0x10000000000002, 0x6c8, 0x5, 0x20000000003, 0x5, 0xb0, 0x7, 0x10000002, 0x3, 0x5, 0x7, 0x0, 0xfffffffd, 0x42, 0x0, 0x0, 0x0, 0x2, 0x7, 0x200, 0x0, 0x0, [0x0, 0x20000000, 0x0, 0x0, 0x400000000000000, 0x0, 0x0, 0x10000, 0x0, 0x0, 0xfffffffffffffffe, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0xebe9, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x2]}, 0x1fe, 0x40081) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0xc20f0000, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x810}, 0x7, 0x8) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/options/trace_printk_dest\x00', 0x20000, 0x0) r2 = openat$auto_mgts_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0) close_range$auto(r2, r2, 0x1) open(0x0, 0x22240, 0x155) socket(0x2, 0x80802, 0x0) close_range$auto(0x2, 0xa, 0x27) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) 4m23.032619004s ago: executing program 2 (id=1318): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)) r1 = fcntl$auto(r0, 0x402, 0x8000007fffffdf) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), r1) r2 = gettid() kill$auto(r2, 0x11) prctl$auto(0x3e, 0x7, r2, 0x3, 0xfffe0000) ioctl$auto_XFS_IOC_ALLOCSP(0xffffffffffffffff, 0x4030580a, &(0x7f0000000240)={0xa1, 0x0, 0x4, 0x2, 0x7fffffff, 0x0}) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000340)={{@inferred=r2, 0x4, 0x5d, 0x7f, "e3d495c93b43c4398015f2cee0996c800b50206dc2f1444bc6f321d4d89eb66606ad5ca5d3c96dfa1a709268", @raw=0x1}, 0xfffffff9, 0x8001, 0x40, @inferred=r3, @enumerated={0x8, 0x2cc, "2ff51afeb654285ae048739abcd7cb0f1a95ed8732d0c69cccb454a51eee5d897f5b18fd30ab1535d045c3088b7204f53afa072ccbdf5131594b7978d33f59c8", 0x1c}, "4c3fbe57346cd5e0c98078bc34b4d805af2f8ffaf1a96a9aaef4bce01de2c32d3f666a787835bf6006c1d02cfdb7222158203cf069603b1a5af6bab2fc02afd3"}) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/est_nice\x00', 0x40001, 0x0) write$auto(r4, 0x0, 0xffffffffffffffff) fanotify_init$auto(0xf3ca, 0x7) ioctl$auto(0x3, 0xc040564a, 0x38) getcwd$auto(0x0, 0xffffffffffffffff) r5 = socket(0x2c, 0x3, 0x8) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/dummy_hcd.7/usb8/interface_authorized_default\x00', 0xc2481, 0x0) write$auto(r6, &(0x7f0000000040)='0\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x4d}) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{&(0x7f0000000000), 0x3ff, &(0x7f0000000180)={0x0, 0x434b}, 0x9, &(0x7f00000001c0), 0x3ff, 0x24000000}, 0xb6}, 0x2, 0x2) sendmmsg$auto(r5, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000080), 0x49}, 0x6, &(0x7f0000000180), 0x5, 0x3}, 0x5}, 0x63, 0x100) r7 = socket(0xa, 0x5, 0x0) getsockopt$auto(r7, 0x84, 0x81, 0x0, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000140)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7\xe6\x04\x8c\x83k', 0x1000000007e) socket(0x1e, 0x2, 0xfffffffe) setsockopt$auto(0x400000000000003, 0x29, 0x20, 0x0, 0x1f) r8 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0) ioctl$auto_RTC_PARAM_SET(r8, 0x40187014, &(0x7f0000000100)={0x5, @ptr=0xffffffffffffff7f, 0xf54}) r9 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/hugepages/hugepages-2048kB/nr_overcommit_hugepages\x00', 0x1c9282, 0x0) sendfile$auto(r9, r9, 0x0, 0xb) mremap$auto(0x4, 0x4, 0x13, 0x7, 0x100000000) 4m22.857688521s ago: executing program 2 (id=1319): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/stat_refresh\x00', 0x101382, 0x0) writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000140), 0x9}, 0x8) poll$auto(0x0, 0x5, 0x400) mmap$auto(0x0, 0x2020009, 0x3, 0xeb0, 0xfffffffffffffffa, 0x8d1f) clock_adjtime$auto(0x0, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x121200, 0x0) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) syz_clone(0x5004000, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, 0x0, 0x100000a3d9) setreuid$auto(0x0, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x40800) 4m22.54741569s ago: executing program 2 (id=1321): r0 = socket(0x1a, 0x1, 0xb) getcpu$auto(&(0x7f0000000240)=0xfffffffc, &(0x7f0000000280)=0xc, 0x0) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={0x0, 0x40000000001243}, 0xa, 0x0) getsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x0) 4m22.291109665s ago: executing program 2 (id=1331): mmap$auto(0x0, 0x80000000, 0x4000000000df, 0x40ebe, 0x401, 0x300400000000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) connect$auto(0x3, 0x0, 0x55) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x51) 4m7.299810808s ago: executing program 32 (id=1331): mmap$auto(0x0, 0x80000000, 0x4000000000df, 0x40ebe, 0x401, 0x300400000000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) connect$auto(0x3, 0x0, 0x55) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x51) 7.996312896s ago: executing program 0 (id=3344): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) write$auto(r0, 0x0, 0xfffffdf1) linkat$auto(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) (async, rerun: 32) mount$auto(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x200, 0x0) (async, rerun: 32) mmap$auto(0x0, 0x400108, 0x3, 0x9b72, 0xffffffffffffffff, 0x8000) (async) sysfs$auto(0x2, 0x3, 0x0) (async) r1 = fsopen$auto(0x0, 0x1) fsconfig$auto(r1, 0x8, 0x0, 0x0, 0x0) (async, rerun: 64) mprotect$auto(0x0, 0x8000000000000001, 0x8) (rerun: 64) 7.62720544s ago: executing program 0 (id=3346): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000080)=ANY=[@ANYRESDEC=r0, @ANYRESOCT=0x0, @ANYBLOB="010025bd7000fddbdf2503000000040007800c0002000500000000000000080001"], 0x2c}, 0x1, 0x0, 0x0, 0x20004080}, 0x8880) 7.369721219s ago: executing program 0 (id=3348): socket(0x21, 0x2, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x2, 0x2) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) connect$auto(0x5, 0x0, 0x9) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0xffffffffffffffaf, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) connect$auto(0x3, &(0x7f0000000080)=@nl=@proc={0x10, 0x0, 0x25dfdbfe, 0x4}, 0x81) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder1\x00', 0x0, 0x0) r3 = dup$auto(r2) ioctl$auto(0xffffffffffffffff, 0x81004523, r3) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/interrupts\x00', 0x18b202, 0x0) pread64$auto(r4, 0x0, 0x400100000001, 0x1ff) unshare$auto(0x40000080) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'veth0_macvtap\x00'}) socket(0x10, 0x3, 0x6) mmap$auto(0x0, 0x7f, 0x1, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) fsconfig$auto_SHMEM_HUGE_FORCE(0xffffffffffffffff, 0x7, 0x0, &(0x7f00000001c0)="5b0fdf8e7220ade733b697e361a312e8797cf9bc410c090dd180de688ae19ee0f7d3ce7f185fa1b9c9867d234fdb5c62c6e305f1df4ca134c6413371cb668566fc407fc2b99e953d74e9fe557dc0d6dd24b7fd497737dfcd44938915c5131197660e57624aba5b26b726415e50", 0xfffffffffffffffe) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x9, 0x6, 0x63, 0x0, 0x0, 0x0, 0xac, 0x200, 0x2, 0x40000402, 0x9, 0x9, 0xffffffffffffffff, 0x6, 0x6, 0x200000100103}) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000340), r3) sendmsg$auto_NL80211_CMD_AUTHENTICATE(r1, &(0x7f0000001400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000013c0)={&(0x7f0000000380)={0x1018, r5, 0x400, 0x70bd2b, 0x25dfdbfe, {}, [@NL80211_ATTR_REG_ALPHA2={0x1003, 0x21, "32cbdda132acbb08c4ebef091516e0f76f85a532688d96b6583f374865e472c5d2ba83531b8f6f18c80e020559976ea8c21c7d6db0067ec449b5989233884db535be1285947b71049ddfcfd54dd5b815a204993161c20726302ad669fd59481a2c1adc87038a354acef1798a5e3aad52b4327b6de1edf22f05e6d5b0b0780c357921c8b185d9ef1ad01bb69bf9c27a617a4a888a8dd26e6fd7bcdacd43c3672dbab1b827df45aee056717159380bbaeaf20c3dcfff6cc9fe592f9ab02f7744ddecc9e160fb4473370187e8b7a321f2934fbb33a5fd282dd032db296eef4971de27b45421210c572ea3579af11400915565ff4b6f10d8acbe578fb6bffc4a7302324c9a9e43190abe57f1a2f66f1571b7b87d518cd6555f3f05fe70496eb7f0f7ab1e25ec82c76b263277aff41bb4cb4fbc30ce5f3be87d3ed3ad9e00ad0b29f7e675580fbef150033ff02e842496748e8ff7ef137ca0a596a417d585b2c769129b86e032e4a0b35060b5e1ea09d041fa393915dc10ba3d31b671211612d77df99e2d227188040e846c2bfebaf3e63652fa059def8d4490da146cf13fb64101fcc2fc30c2452b1a98608599a5df138c8e04bfb4f2b3ac5c55c4d83f09ad9fda9075ed2eb5e85caf4364f5eaa06f0365dbdc922a7b984720c4b54b12516c37553cbf44714033ec14147ed098cc84100ebdf78a75567e992d2caf33c9b4138f3dbaf0550325fcf2c1a624148e2d702c725a1bfca769883c9cfd2c7c0ae9e943b025cab7099e99896db0f8fe39b3c7d95dcbe23eaf935828b089136f0e4ee51c5b16f78e7b8874d7901f364795feebb9c81019fc9402f809f8bfda98a9e1c81302a65a6d9821bf37a96a819420eb9b93bed99741b849c07b570c8f97fe46cf7c9513b5bc8d316b7fd2053fb9767bae807f3f151c9bd27707c8573a05bd3143419c6c110d8b326aff482db9e3423f146f57a3005c2d91844c514ac236ee96fe282eb9a9e047b87de8f72b473d629e445af28fc2f15b0fa3da8bb52a39a69b197c39dffda443af558862f1e06ce70b13e798cf8747cefe12a25becd1599ddb90eb3ec86fafb1559c2c7a849d208d01c0ce7a2fc72e250292c5f11bd6bec4bea5b5095e23fc5ca3aefb749d851434ad0adcd700e1fd5d06c7c65a9f8b216d28fd38b785803760d0a0b05654e1ad60224e7772c11543fd8c602195e8aeec0692485ebcfb5db49bd71c02c750b17c8e18f639cbba23abf96f771f77ae69f1dd8fa38b8a6af7bd2d3a112ca18a843f8b19fa9acc5144841cc819e8bea6b2ddb92486d77866b56e2b59c4c80a08476889e2c8b7cf2b64002007d21095ed458f68f5067e81f329e18f1232389db100a321f866402367f3bfbd5772ba19ae9d69547476c15490bce463e314b15ff8e028f4998150cf33e59b94d1f4e662765ed2ac9d4d15e35bcbb80a142a2d3abc716afe7dee1d7a428724a26501f9823e5cdc2a3ba19a5eef1df5e30d5f41095510c15f34c20b91e5f14d78f5ebcfc02ae99766a1e55f199745523d90f2dcdbd86f23edf2390bf6ae0ff58ede6acddc0687aa6274b28c3263161868f97e22c8b9fc3c1977bebbb8d7f7041d2314b800f4cdbb66785ca75f95722c4a93f8e4cf6faca2a4a56801576da9a7518563c1b5b4f9928e713656b0c3e0c00c919fa907f4ed48dca5dd4fe892634a712362bd87e4a0f14a51f5ca5e2a99fd22e03f7b7a1682657b0488c5571934e22a4f8d8a452d48feeaf074fc54d82480f028d645bf596814e502f5f6016aad57b7dbeadd0999fd9d5937da1ebce04170cdffd03d141c5aa011c00da4b8e4b7f9498f617c77fdf36001fda51cd62323cedc1f4ef924ca7bbf7b6e96942920e1780586e8ebf7338fb65c78b0fbea8f8a34fdce7d4dc0a097d0a379887d2ea0df145150324ec8ac320dff7ede77d4655ec04a2a0be451792615ac22422cbcf9913c1bfbbf703d9e78c1fbbf2cc81adcd454a8cc1e895685080169705433a74092cf33115a53835b911acba2de2086d7a40977f135ba1597625ab4dde8a817c606dd4c6db23591b6e0f3da2503994a4546fe218d262a0e39612f0a408bc08582d5936c9900b72ae3085ff51e90132f4ed6611d3b7c2f14c96cd418e58a404e995d41490a1195eb713722386cd96d5cb6d8d8b17ba3f4e55102868021eeaa4a21e162789f0f652a59acc296183e8e98e2c6470b7cc7fe2d78a01458683dc884cae2e0264fda68a8c233cf34f12fea25e605445b193847e4d75b8350dec87f2fd02a1e05f2b4e0c41e73436ef08e6cd9fa58e9287b7d6d0a3a17308aee9b58ba5b8a01264c238d23ae5651504dbda11cd9ef75497b3dc9c54e60d7f5bdcabeae0b294d49939bdeb43f1c6fa24ecf6dcbed92cf6025ee352cf37f7f0c04add4cf95cd33e7e1bf12c09c41c4ce67691b0c2edf6fd7cb8f7bee8ef3f96a99e0bc71424a63213645261edbf4c7a766e8ea55f7af2026657dcf26d686ad055d20e780d8f628e781fd31e40d5bfa464e3b3b032e596ad2e8b31989d8ba13c716bbc2ffc00049fc13392bd986424cd775eb4dd4e31e0343b71b8a7cadbf27c71edd95a7ccc5f09798060c2b76778a04cc6492a1a94ad309fd9499c110d619d129e73154d23dbc1f46f742e1e175b4ba2bfc85607141f71dd62fc8fc1ebf85047b95475191f3a27889f7f56afd9a182d300a727cdd2a6621744648589e6ed1bfe6e2e6c2fd51f4fc326734fc5405bd50a5b9b54d3840271bc7e15c7f4b10bfe82bccfd0eaa01e3209374b7e25e007efdea7b823a2e56185df3c6108be7b1ede7119325159e6afb6a973bcd1a674feeb99762fa984696f32f40bf9bab27dc5e38fb9a902be7c7e23281b8012bb7f1514fe37ea6bf25e26d191d3b12c8476810d72ff752020a0ca5d7851e45cf69cc9538cbb0050845be22d7223e47643bb54c8d633670cfaa768a9c436e456e840cb44657310ce47e2ee32c13c81bd5984b906f8f0db22bfeea93dd1a927f0bf8320f85ab9743e72daaee38c33add93e468f5d6a9d647a641d3b9972d3c5a21a8e1559d43092d2a17d8fe1e4087256d0b12f3816bf88f3c5ebe50b6fbddee0b8b6ea2c2efd007cdc742ad0e357a4b0b57d8559b1925e98677574619d0a8a57bf38f7eb07798a5f86693295f9d007ff1f98f8a6c984236dec42f7c648180e9bfe238023ba4b3b0ff0414b477a860001b7a3e45ac84561006c294e086cb1e73dbc8967fad0768657dbdb7280820b6e5f4aa37fd56fdb74d3c8c58c94fd82ffcaf0a0b3777414a0381e179e37067000dd4c263362f1987214853a9e0581d495d2259035cb3764d8b687eca9def1a13951cf4321112663fb2e5daa616642a45ac28319391deabcb11e18469bc7c91341b57c50cf925406e9703e877a70271ee1463d631406bc2f6ab2ac5441771b3b7b807e0d0a8747ad9b1f9ef086f97254db39ce59617c0e5fe9a388732c74d4a949efee2a540cca92025d90a8362f305775c2d810c9281989f855ac76e741c4898a4c43a7893fa45bfe936eb090cb256926b7d8c12bdba770abe13082b51f1abcad8882eb3f7e81d8a75ae50f811e6dedc5c5520378eea663aa34946e9b0a868279ebfeb887fab7905760f7ea1d7bb7dd79943f52934e8d27ff17c92a4b6bd15e9bbe361f8f2480b675fa2ebdde47bac341a7424b11cce91132068de46d92018b9f585ffb83b584d0678733061fc1ea81c3e4d0d4682f4900dfed7c748bf33a03c0df391416bc0d5fecd1bed2a40419ad70384245b45c4d54677dcc20b4eca41b8534f1922bfa3a133c655a14fe15ae0f8263d14941700a587be2f28d335825f40234be77506a6cd982999221a0fe2dfcaa09731f12aec63ed085284f9bc252ee20a409576e33b57df46c72e8006a158a2ba4da59015d70372e9010eea284c3a7b00768f7f9328b306471dd159e14dce99d564f6d076e7b924573cf0fe0646602ae8b42d76d3a8104fc01ba08c0280500da2914e6a38f7441ffddda3a80075bcfcc993d28096cc2a085db6ac0f09373dfea99d1b633397fbbc6663b69f548cdcad4f94b3695ea124a119e2fcbfcda43f8c94be1b7e6542c1b283362b586a1dd58d11e9840b9c7facde498a30919798639ceb18ffc8b9ac0bd97fae94d19ba841a8abc6e85a8a5e4cf78eca86a2646b139edaac5276d635f12d9c45203f3efc6e76151b6f25a77d3f586c99d63e375fc80c6954de7954b171df7aae02df97a016fb2266a32b176a5bfaf1f1c92bfb2d134345e171d5e2a532030a0b0b45f2b95911a99a1e4d0490b0b56cd9097e814d9aee18e60da64079274e3fce4f99a72be26d98b709379c2007dffe62c052f20bbdbc5769c1c0f86b4796a9878a14a94a18f4d1dd09e2647eb62e55e8e7b05b5708277956a6903a0dd7e91b66e1fd01b4011686d751134c5122706ab75cc7863368390270cc4254c4dbc8ea60cbac6735ccdd4b80469b2adf4738c202d80314e7f56fd10613b9f36efe9e5adb2ee64eac811e7f4d10f211c5136a7b6a8b784c47dc5b1ccf7805291b726c606d115fc37d240923d9648ece233b6aa1cca61d5ee718acc32361f11a378b3d3033e19571d79cd6fffa964a3929af3ffa67d8432032771a8046c1e8efedb1d2d7b4fc17f63de566925f03307984d8f958ab5aeda0d2b27f4ebd2f354daa176fe494ad3e01e18dbd39ff5c134d0e1250e762e95f7b86f68204caa93424000d0f31825b7c7721eec8fdede0a4fc504b8d5dd80890b601edd242776d1fb968f1a02f64d20ffd95d3089e08d639b8ee141e07edbfc24acf4ed77b7da7c7fa057679ad5ab5620de75d51ed30e79fea64139be38aecce2db7436f6e9aea7f926efe451565aad978d0e3be02a486a9851e765c5407eb381d8cab2abc9ab043890d8179ce310adf0529f42cf0cf38d6a64ebc8c4e5c2cde040309b9c73f58cad090d5bfa1cd25113a33742996482ffe71c716d4c760c5792ed47388eeffc250f645032fed8f3873eb62da23e168a14c473ce4409d5d57608309dbc013e5d5da666ab1753e79eb99e90e48c79abee3d6b38d028408bbd2e49ec9edf7111878b0c5bfed8cfeea4181ff928218e8a8f5c09f7ffbff01fbae57a98b6433a96fc3c3492e535598681efa491013976d61c471af6a1d5d7a39e2545c9784ebefabaf16b3df3c54ed578666ee2c3de78e85b544e702e574dc6dada86ecba3b5bbaff0df0b31fabd236d9f951945ac144c787c4ffe499c532efc16053080f85d15a834c1b75d0892c23604ecec1fa231010dadfc95ab7eeb302af991136d62f79cbc118c9a8116a7ec1a099314d1e055390eda82a918c898c179d03af830a24530a901226c706571b0f6461326aff3f3d5fef1d3150aaf7e9a790885bbc8bef7f2596eca67b9a844adaebd1adea812ff997873a4fda1d55341e596498001bb0cebfcb0fe0e3eca32b8ea5144bc3a9fedf1a763b2da75fee8f4d72d62b377ac025eaa91e5ad5052d2b3fd12a4958ef1f793ada03c472228ab01f255becdfc9062559d96121cc7d902f22777e435ea54bdeb4bbffc24c63024b6d6b602ede4af42b138b9d945f51116f738e924c95c93a1a39c53ed2f56bf57962bfe56970618ee8bb99735b7efeacbb8010c139b04899765ebe2ecb0cc7c108082f84fbc3bf61eaea9d5a8020b252b46e68d067870bf5028835cfcf1ae1cfa32d9e8364b57404fef248d6df0a75edefe6c53490bdbefa5e9b6538741e3ccb9789b2e649fd1dab08e86427be196847eb0a4"}]}, 0x1018}, 0x1, 0x0, 0x0, 0x5481ecaec9c14660}, 0x4000000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 6.498671963s ago: executing program 0 (id=3354): close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x1d, 0x3, 0x1) write$auto(0xffffffffffffffff, 0x0, 0x0) setsockopt$auto(r0, 0x65, 0x5, 0x0, 0x800) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, 0x0, 0x4000804) epoll_create$auto(0x4) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto(0x3, 0xffffffff80088a02, 0x1) socket(0xa, 0x5, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) socketpair$auto(0x8001, 0x5, 0x5, 0x0) mmap$auto(0x1, 0x8000, 0x1ff, 0x18, 0xffffffffffffffff, 0x2) sendmsg$auto_MAC802154_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x20000094) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff) r4 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) fchdir$auto(r4) open(&(0x7f0000000080)='./cgroup\x00', 0x181000, 0xbb27d169c7ab2c79) r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x20020, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r5, 0xc4c85512, &(0x7f00000004c0)={{@raw=0x5, 0xffffff7d, 0xa, 0x105, "50ddcc2d0a7b79ca0e62e667b5000000000000000000000000000000000100ffffffffffffffe700", @raw=0x3}, 0x1, @integer64=@value=[0x1, 0x9, 0x6b92, 0x6, 0xfffffffffffffffe, 0x7fffffff, 0x4c6a8f65, 0x5, 0xc, 0xffffffffffffff30, 0x6, 0x2000000002, 0x8, 0x7c1, 0x8000, 0x8, 0x2, 0x2, 0xca1, 0xfffffffffffffffc, 0xffffffff00000001, 0x2, 0x7, 0x6, 0x6, 0x8, 0x4, 0x93, 0xaa, 0x4, 0x2, 0x0, 0x7, 0x3, 0x749, 0x6, 0x4, 0x7, 0x1, 0x3, 0x9186, 0x3, 0x1, 0x1, 0x8, 0x6, 0xfffffffffffffffc, 0x3, 0x4, 0x7fff, 0x3, 0x1, 0xaa7, 0x0, 0xfffffffffffff41f, 0x6, 0xe36c, 0x22e, 0x9, 0x10000000, 0xaca7, 0xf3c, 0x9660, 0x9], "bee8fd3b16a97731269aff7312ae1a01006266a3bde1f332e1078696becfd044280e7fb7719d4362b09d9f6cb070bad3af7185ae1e691c585914c0b11dd65468fb68dfc32254d8ed55c8d806a2ef4bba7bc65cd90676ce6dec79ff2f44034ad55049ff128dd27f04ac14d8dbaffacc77596ca0dffa00"}) exit$auto(0x7) creat$auto(&(0x7f0000000340)='./cgroup\x00', 0x5dec) rmdir$auto(&(0x7f0000000000)='./cgroup\x00') sendmsg$auto_CTRL_CMD_GETPOLICY(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="01032cb57000fbdbdf250a0023155d00c3ea54710000"], 0x1c}, 0x1, 0x0, 0x0, 0x400c01d}, 0x0) r6 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000080), r2) statmount$auto(&(0x7f0000002480)={0x3, @raw=0x8, 0x6, 0xfffffffffffffffd, 0x8}, &(0x7f00000024c0)={0x7, 0xff, 0x8, 0x8, 0x90d, 0xffffffffffffffff, 0x7a, 0x5, 0x10000, 0x2, 0x5, 0xffffffff, 0x5, 0x2, 0xffff, 0x2, 0xdc5, 0x4, 0x0, 0x525a3da5, 0x8, 0x6, 0x8001, 0x4, 0x6a1, 0x17d, 0x5, 0x2, 0x348e, 0x1, 0x0, [0x3, 0x7f, 0x42880c3a, 0x2, 0x5, 0x1, 0x8000000000000001, 0x4, 0x2, 0x2, 0x4, 0x8, 0x40, 0x7ff, 0x7fffffffffffffff, 0x48c, 0x40, 0x0, 0x2, 0x200, 0x8, 0x0, 0xa9, 0x407, 0x101, 0x5, 0x80000000, 0x2, 0x81, 0x8000000000000000, 0x1, 0x3, 0xe76f, 0x3, 0xffffffffffff0000, 0xf6f8, 0x97f, 0xa, 0x39, 0xffffffffffffff7f, 0x100000001, 0x2, 0x7], "5dc7d22135b14d969d67c4473ba984c2"}, 0x4, 0x4) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macvtap0\x00', 0x0}) sendmsg$auto_MACSEC_CMD_ADD_RXSC(r1, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000002700)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="010026bd7000fcdbdf650100000008000100", @ANYRES32=r7, @ANYBLOB="6af28a7a6390b93bdb722cf1463aef27878812b607f12653b5de2d282d8d4d2eba0b66ee170171a6128d62b01344ae1c18a17a3bbe3b262849da20cdcbd0383ffa04a6ee39a16a4268deda8f26fbab48e2a49116c0626a104aa9d7dbb2d053edb10c174e6829d7a01f4f5bb4c93d39b2a993b1873cf7984e809173363c0ba8dbbbc6298eee73d4e640052b7370303af09b9b3888fd1f5577d6f223483b0555d3c3473406b5807447ea329f9baab0e0eabeec8a7241e0fb523cea45d12fab09d041b0c836258b814276d51a2161cda286a8fbed77efbb42"], 0x1c}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000000) 5.521182133s ago: executing program 1 (id=3357): mmap$auto(0x0, 0x83, 0xe2, 0xeb1, 0x405, 0x8000) setsockopt$auto(0x3, 0x11b, 0x2, 0xffffffffffffffff, 0x9) semctl$auto(0x7, 0x2, 0x13, 0x1) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r1 = socket(0xa, 0x3, 0x3a) setsockopt$auto(r1, 0x29, 0x3c, 0xffffffffffffffff, 0x1) sendmmsg$auto(r0, &(0x7f0000001640)={{&(0x7f0000001480)="e4f8c35267c05b90db1ffcf91e03bbd3a6701185", 0x81, &(0x7f0000001540)={&(0x7f00000014c0)="ddd42bac62a66de6a2f726068c46737ae0bf08b989a2d0a954260b40b58fb8c9a045ec88edc6675e6961e74e9c6eab738c740f2562858675adc286ac9c46bb087edc2ff3fe24508152", 0x895}, 0x8, &(0x7f0000001580)="2f6560915602c001672d21fade8f99480d32d343bf28577e73f692d61a85ad05c8927cb180b50fa02e5a054d3fbbf67c177cddae5b425db94473bba1de197883a214b74fad0da46bba0e944e5cb3166a0ccd0fb4690c0db9024dd07902e8598f62a9c962d6a0117a4974af4d1ce56a04dcf358796402871fc68ffbc921eba238c5aa9d2a278eb0a446f387745ef06487dfe596b0813fe77a2244dbfcd849bafb1f5719a0449dd55bdd882f8cf313360e377bf79f6db6e4c74c067911", 0x23a, 0x4}, 0xfffffff9}, 0x3, 0x80000000) mmap$auto(0x0, 0x2000a, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r2 = getpid() sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x24040004}, 0x800) process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) r3 = waitid$auto_P_ALL(0x0, 0x1, &(0x7f0000000180)={@siginfo_0_0={0x9, 0x7, 0xbf3, @_kill={r2, 0xee01}}}, 0x7, &(0x7f00000002c0)={{0x0, 0x3}, {0x9c, 0x4}, 0x8, 0xe, 0x3, 0x1, 0x2, 0x5, 0x7fff, 0x6, 0x1, 0x9, 0x200, 0x98d, 0x6, 0x1}) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/usbip-vudc.0/udc/usbip-vudc.0/current_speed\x00', 0x181040, 0x0) exit$auto(0x2) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000140), r5) r7 = getpgrp(0x0) sendmsg$auto_TASKSTATS_CMD_GET(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001680)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="010a2bbd7000fbdbdf250100000008000200", @ANYRES32=r7, @ANYBLOB="3ee760183a270aae76dd4bc3ca76e2263fcc26f06e7bc3dc9000f8368c4fd5a9de49770e90e15d72b7d5ef"], 0x1c}, 0x1, 0x0, 0x0, 0x4001}, 0x20000000) read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000200)=""/206, 0xce) process_vm_readv$auto(r3, &(0x7f0000000040)={&(0x7f0000000380)="e37190db219e681cf50ac122c25b6ef1a3294ccd08087828bbb1fa82a284153e7faea56cd423bb82d368b35fe7d9cbb90ae40428cb34b0b7d12d983a8446be93bd2fcdfb00e47e4b1ec8c4d3758fc6e2038ba710b855be39a5ffc339cb4309563f1a16317da764d2301a9934726d072cbc9e8f55e6010f7d3b4d8682586b40892f7bdbb42a6d834522d3f9abc298ae15d58987fe4a31127aaaae2665428694a1216ceafcaa64f59bd427706fdaa7b07080282ad84200c07cc05baef1dfe5b015d4c1231bf922718a99bc61105094a4f0f9670c6f5ac347b27b61eac6290de12e6517e74a28bd", 0x4}, 0x5, &(0x7f0000000100)={&(0x7f0000000480)="505d9769b40b6e95fa27a75a6560a88f2a62b3fc3a74ac70161d3d653c74d24a6589e7d58f0c7d34ecab81db74a956938b74cf52b2ef65821be57f1707cc1cdbe0851e77c0464dcd367e711b4e5aeb18a8f14ae1697662f051c3ac7e708aea05563c5ed44d32dd897139390f07e896614deba70561a6b790893e7318c38f080b1518a201c37de462f743f1855f8f518ee0199a82fecaf305f888751acb0d662f20067daf9752e6e1033ada7ed30e1268f4de0eed9af1935582713cd21f1b87e0a7a77befbcad7b7493d4e10c2f541d7c15f0c89e875eca6d4f7b5e236f53d060b3cd3faed313a24d4b9e5f5a89e46b87672d04df0fdef10536c7153dac695135ce5bcfdd1b50d187699a2e6dca76091436798de695b42ecbb95c29bf1a7dbba11a6fbe92facc78a303104b16fbeeaa0c112619c920face6d53786ece21be6ba1d593e900c1b6e67893302610b33ca632c1e5c49e9d56e5dae7a7c5079ba040906190675ba4279e2b249be5f66453fb7ae077dac6f0433c9eab3394a700aa12e22e55f31f2d1d58b2132cc28856433dae77ea3c5d8497e698c2df1cbc3e697455b6ac4d4b39d0f78b407cce33ae893d332a20eafcfbb51babb579caa160d699b979ad34cc273ff1568f4eb445285f359d11244fdfc1ecc814a80541e839ecf2add1fbf1d71cc3ab50efa7e69ead9eceab14dd3ac3f4f6e69bf80d360d705f6ef385b15e1759ba8c176b794eaadfcdd63c3178bfc579f07742f74441dfdd4a9e34ed78794e625510ddbc9842d9d5ef3edfbc14922f1c9389dab454a4f007f455b67c6cea617b9b5cb8347d864ffd86d652ebfe516cf37bec584a0564d746c3b6f690594f79aa0cebe0028e012a6743306af2158ca2cf5197b5496201216a369e6103c84c6ad26e77294a2d0f0951573e9e57fea7a60f93a073979243ca54731e1d339661fca4d1651c1734fb6b1729811c47018eb6c29cc0484eedfa3ebe988e937089f5382ed83f8ce4ee89d18af737e7a420b39573ded07a95026678d4306a4bb6b426125da64fc0579a8ba0788a7ad3c66c7ef0a20fc8a4d965c2b2ab14ceeeb2928dd216dbd8ead6d38c091b82c863d1939ff908ec100f88a74b6dc566ae7de3ad677c73f4640a16d9517133fbc6b424b61701ac2dc35f581abcb12ca54ff2adfcc26643bfe0d47813af2ed4737bbce4804bfa3f6ca0928049ba32b94fbca4adbbdc6dbcc50355f279732e4d50d7ed701d3fe42dd8d7a53d2b4d1ca723e54adab0a7866f48f59bc59478fc0f1443b0881d916d64a0dbcba1b8fc30c8bdf8133141fe695df60c34a4bda3f706fba6df03f735ff528aac4cc4dc3b960c57bae3acaf5d33de60c7e5e433e35f92ba136f0a4b50e57c6b77ebc079968a7b9dd9663c9840e0b3cc90e3a6588abdbb12dfe236f212abaa433e11a07457ca0aede0318014b8b7c0999a0820a799703be847f90f9c8e888731868e64a075ecdfb53c41110560c638fa439f5d3dec74cdfb04c0a2328c29683c080d1058c28a5d26a898b0168d33c4587eb3073fb96950fa5164cfe8bfb65d2a5bd9e2ae201f8e4366006e4397a5b4cc840c0ccef399008f8bee1d6d81555d3307fa9a33585079ec84c566ea6ba23a3eb5943d7f05230be603a15f6ce0c419f823a9f06a8580f065cbc01d737e0d08c0590f482807f9b79e0fe41283adf2e4494e57390895e9babcf236385270df0b3e6baedac606a3da3cc2acf838522d8576161047e5544d96311c173757b52354f494c218cf83e8e1b93b3164e43f507453402876ea22df30d92f127897efb67d0f6055469be06ef48c0927330ecb7a5381e2e9f51be65709c97bb88304d5bc60c7be6b7cee7100e3179ce162c49bd4a50974d8a2c3b6c1a53747ba75c945e9d0b8fd60a79cf93a15d8fa6f052e0630438dfc5718c9f1657d1fe903f65dbad692351531ad6eb83ca256a638940e3ca092c5db0db3573cb900af0d6e9b85e9f44ac23e1ed3eba48c4c40a0a87b7dec18cffd9d0eaff93131c85bd8b09d21d22483facd9bbc9f9859f36c22af40686dbe7aa953d959025bc1487343bda0eef069b7e79f41d0ac37e23a92aa635377379eb8e3e3a8da28e2aec6bf879c5d9fbfc2757a12dba5c0e16462d9e1a434c8c41ac32fbf367a15ff4ba5dacd6d72634d9c468087e4e619e228dbd6b8320aad974241295b25328131ecc6ae6fb6d79041aadb1b67c71cd87b79121c388603d3ea5127d8b27fe41278ed9dbd7dd979a3a54ea036ec1a302c8071d384197dad8774ef2d0fca9dd4fe660427f5097a84bde5c6cadd961dffb1392c4dc519f8a084e5420718c379d1225b97f2de98b83df5d5759ad564394ba0cb09b4046fafa127ae523153cf4f77957602b3f4d850be09b1b1704eb0a44d6963822c19bfa8985dd82f4eded4af4addbe279d5a6d90f2d80e228bfeb65fa74c9c5c50d361602b21444d9cbfe2397529fdb1cebe58104dbf1971dc6e782128df4bee94c961e6093d63d8ba982402452a41d2c92e99fe17b3d6cddb1c3f075e820fb6e9b5bfe0f01f5632e695d7c0ed7b039ce5cd0cf0857b8da380acd836eb39250c29895b67ef29bdc621f12caeac712611aa2f346fddb9f63e45bc9acb4e67fa5aa6d9eee2bdb8f319a2e05f6305520cb04a039691159d3ef1fe8e651038b46d5b91311d3c8950383947acc78b39e60943f5c97e9dfd75414609c684406743233faf8fbffb7cd9c97a7e0eae06fc01627040fcbfe578e6117f0a2eb377eb71d08bdaae64dd7ec539f53e6ca6c96e3ecee1a2151db60552336a65630f811d021a617e4493019f2f78a0e7670c69b7e3069d0b5d42fce514168f0fdbdeb6251ab549f16f67d38d3ad7e96e7a7c281a591114496d7afe08dc62e6d38834e1a1de84353eebddda67857250772ef5990ab943582a2c735fcee0880e1985d6a86d255e3d2f8f305f68bc1a45866455b35ecde7ebcbb026b807aeeb334133cdd26f8ed689eb8bd36938a2d3ba6e04f215e04eb2a034744660460a55399a29c5457ce77be7870335a13facdf7f1b59b3979269a1340900e8f5cdcbfa1354ae74e364b45f1c5f2e4f8170e7c7691ebb456852e030c1fc2d68399e21276ab16b29de337d7235f459796d6cedd63f8fd4cb88755275f881e428e89b648b03d3d48aa57aa76b1ba6bc0ebd3aeb943b8329dde1a4799a0c3f16fcd1f674a413764ba0570a82ecbba17b0de324946747e2de2a554b9b1c693ecabf26dd3feb48371f1fca917ddc3d2e0915125ce00bb0c5a7377ebf60052290ab7cd0b275a7fd4e2d8e9de6a716942b8b8d9e81132d25cdfcbf4cd16ad62dfc879f7e1f822ef7b4ff857d92aabc7cb52c972ff66a87a6cc663512fdb0619fb7858aeb1c0e6faed7ae0c5197ef059c55f45436809c3d3bcf72eab2c17f8461b593f4bb1ccc4f5f2cf38f9ed1b776cabd6468d81e8a921b05805d21558bc5094b949e2d3b67260c25b88693d04d3ad79aeb1025f2913ac94b10ce2e31402ebd388beb8f0aaadfd5cdf4e5033de2ad06299e21b138d39dd3b09a60c38b84eb61e525590b327c319e0108694524c7b8499cff1279aac0ee222224529c586cf32cb7616086ca36147276965515c61c26f617a2a83eeb16342ab5dde88d095f5f7e534bbf1a658f4b7114d4285581d9c1846623ad1b002b168e645b974580ec4421f26e8872b397a33d00abb2e46687b4c89c635b2db8f66b9c7131279fd6a4bf06e92f2b9f0c58515a2e0047d7f182e59f8b955ff1718f5ee7ddcd47160bdb472fc9c853231708aa57c1a61a57d81fbdb3f0e6f35d783612d6c481a6ee6cb8a3417be41c6f860abdd34fd253cdaf2b14b0951ffdd7cf0f21941118ce67e283ed6f4be14c563047cbd5f310554a16ad28b5c16e2c2a3ce92afa2f818c776dde17b6071293ee7c33e7f282247dc577eaa14a8f34a6c9f3fae550594670bc265489b5770439b09ad22b9f8d4c03861acba1e88531cecd73a176a347411ecb683c14a8db408b43a3771a07ff3f836335747b063a6208fa06f9cacf9af2b6cdcf1ce6019a63f4a48fa43f8cda04b2a1c86ca7e59d0052ad071adf851c2a01fe8083f0f3935c89386da43ea3bc90fbb81db3e1ed0ffe42878017091601667f0737f7a4754b07661267188cad146b6a2ebd217073bb5666d437442d785380f2ebc2af4db93b906513dfa62dc6d649fe39992835586e121412da0eb1893a84e5507e10cbcc351f0b1ae53fbdf9431e696556e7204363a017ccf36d839a47ddc316ca9a0edd49b62949f78c4957eebf1f5d2fe3a9d41b6feab2780e4eed73e045d3503cf4ecde2e62e23119070a09e0da410a602b23a0872a2b41d59b76af5b7b35c64889da7471c0d877537644972c455cae15423e46fcf2c317414acaa160020ee820d5602b936d3b763797ccd70438da9587668200addc9f657ec661b12da10b0dbc985f46fd861de31b8c551c7240c81aa77a07953b9b754fa2cff481a41d05187c323539cf19a717cb891deb2abc00e0f97b0b99f923663d7da7f108abb1ea1a014363e244c9196cda822d24056558727777ea1c96be1e094b429ff7fde9d5dd592e1e889ab2206b2b68e08a825cd7d264b0566295107ca944269bc68a3475419e17e90cb7c42fd49ec4444061359c36874dffc43c13a28009630dd895ad8c16d22524b837df71bd36e29dc0c6aef5fe65ed890bdc0531f153ae1823d747bdc5f8d07704eddd5b730caa8f8705a591e2eefe4b49a19bfcc2a24ea6c523a4b23ac5cc4950daea6ff7fe33cdef1f257af9896a6594d25d61355c88f11348c05e2e1e3cdd873a5d7671901e53adb4b3bcd6afa41e9015cafabe5abed3963b3da8042f4f5547217f3eec6aa9ce330407527a93826d9741ca1fa1e29b2310a1f78b1dc7fa166e8d9db20a7d0a82f6bb4c7a57c2e7e06334f1d0344b609e582603e5dc626a0a46a6cf2cc248eeff2ff3b60688bf473e1dca21323774416a470a8994ce76dafc5ec8a7779436f23b0731b9f297b212d23f728cfb73021618c5324cf84b84408890294ff248aecf3956d7ce47b44b2b9437cc4ab97f6ec01d22a6162c05ca3223a817f6eb71af4cf1368d3d9ea4e53b34171cb9d1c9f7a7f16d4b1c6f2bf1cc470173ea92890bfa3c65e581d396e39ae7b93b8d637e45eca7ad35f276b7ed754993f7b48e7a3c6691d1ed8acabf5a41dd64b1659f4c0c07ceaf28e979046089188f51ed424d359e5600db97ecbe466d955139e5967f37354b2e3613f0724ff3ae00057d405738ae7328487b8c138349fbc34a2c0231d1debbaf98c65a36ef222edde952d5ecc0a07c1098ee1e8c566a0046e11c1ece913c70a34df8ce83bbf5800d377139fdc1922d95030b698d4a8173f5812fe5f53c27fbe6b81bd4f3da15f417098cf8d5f5303b1d2a8bbf70c26e5c1f4f47593e8b4dc73740adaca1e36ab42ee9ecb6e4e84e4b9f7e7de990b62094b8b9939f30974a137c6b027e3cbcce47ecdc4b8e6f8e3be753a3e753f778f0908414156a9cec18d2d1137197a6bc08521f99ac4a9960e3ac6d5b2af1dca47781259928a5e22855896819aa4fc390d146ca420dd9acf69b8fd355b9cc6803abd2b92b4eafe59bdb637aa48ed2b18b90be703ca8dc95b304246b54b00d79ddb587805e66b29cdf2ac1bbe8a7aaab4f60d03520c19d934f258b7063549d09da0eb343a8e3112fab9437b74d41f24ddbabb221c52008", 0x64f800000}, 0x83, 0x5) r8 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000200), 0x103001, 0x0) connect$auto(r8, &(0x7f00000000c0)=@vsock, 0xfffff800) ioctl$auto_I2C_RDWR(r8, 0x707, 0x0) bpf$auto(0x6, &(0x7f0000000100)=@bpf_attr_7={@btf_id=0x86, 0x5, 0x10}, 0x6f4) ioctl$auto(r0, 0x560a, 0x7) userfaultfd$auto(0x4) r9 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r9, 0x4, 0x7ff) ptrace$auto_PTRACE_GETSIGINFO(0x4202, r9, 0xff, 0x0) 5.379228381s ago: executing program 0 (id=3358): ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85513, &(0x7f0000000100)={{@inferred, 0x85, 0x3, 0x9, "669cbbd9e9756f22fdffa188e0f106000000000000000b2f4ab8633824f2d2252ca5f200", @raw=0x8}, 0x0, @integer=@value=[0xedc, 0x1, 0x80, 0x2, 0xfffffffffffffff9, 0x7, 0x10001, 0x9, 0x200, 0x8, 0x40df, 0x9, 0x6, 0xfffffffffffffffc, 0x200, 0x88, 0x7, 0xffffffffffffb42b, 0x9b1, 0x4, 0x100000005, 0x1, 0x53, 0x0, 0xbbd, 0x10, 0x4, 0xfff, 0x7, 0x9, 0x3, 0x5, 0x0, 0x6, 0x6, 0x7fffffffffffffff, 0xd4, 0x8, 0xfcf, 0x304, 0x696, 0x3c, 0x3, 0x80000000, 0x5, 0x351, 0xad, 0x1000, 0x3ff, 0x50, 0x4, 0x3, 0xf1, 0x1, 0x8, 0xfffffffffffffff5, 0x2, 0x8000000000000000, 0x2, 0xffff, 0xa, 0xfffffffffffffffe, 0x7f, 0xfffffffffffffff4, 0x4, 0x574, 0x2, 0x2, 0x0, 0x80, 0x9, 0xa8, 0x3, 0x9, 0x0, 0x2, 0x3, 0xd96d, 0x8, 0xba, 0x5, 0xfffffffffffff85f, 0x100000001, 0x1, 0x4, 0x2e, 0x7, 0x1000, 0x7d, 0xe30, 0xc907, 0x2, 0x2, 0x0, 0x80e5, 0x3ff, 0x0, 0x7f, 0xffffffff, 0x3f7e476d, 0xb, 0x5, 0xd95a, 0xa, 0x81, 0xce73, 0x9, 0x19a, 0xa, 0x26, 0xfffffffffffffffd, 0xffffffffffffffff, 0xffffffff, 0x4, 0x101, 0x8, 0x4, 0x0, 0x7, 0xffff, 0xffffffff, 0x7fffffff, 0x4, 0x9, 0x0, 0x10000000ffff, 0x1, 0x9], "282f77b07e718ed4d99a34617774e3a82f982e0f05e516c299a28a585e87e0d908e2c8e50de5016f1de5d432da2cc20e951d8fcdc4f791a11996aad5af504c0d9927e62ef70b23a13735a4fe805c1ce1b6b1d83d21bb42794ec925b4547a3d52d4b5210392111e181719fef9d685b6534b171d76ad633f94a608b818600a6c85"}) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x109401, 0x0) write$auto(r0, 0x0, 0xcd) write$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000040), 0x0) semctl$auto(0x7fff, 0x1ff, 0x0, 0x88) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/interrupts\x00', 0x18b202, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f00000000c0), 0x141401, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) socket(0x2, 0x80002, 0x73) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) r1 = syz_clone(0x20011, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x4206, r1, 0x0, 0x200005) read$auto(0x3, 0x0, 0x8080) 5.064421141s ago: executing program 0 (id=3359): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x1eba02, 0x0) setresuid$auto(0x0, 0x0, 0x0) ioctl$auto_BLKALIGNOFF(r0, 0x127a, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x40000008000) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800) sendmsg$auto_NL80211_CMD_GET_MPATH(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x41811}, 0x40000) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYRES32=r1, @ANYRESHEX=r3, @ANYRESHEX=r2], 0x14}, 0x1, 0x0, 0x0, 0x20000045}, 0x20000000) write$auto(r2, &(0x7f0000000280)='\xab\x1d\xd9\x98EXP', 0x18000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.7/usb8/remove\x00', 0xa001, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mbind$auto(0x2000, 0x100000008, 0x2100000000, 0x0, 0x6, 0x2) madvise$auto(0x110c230000, 0x8031ca, 0x9) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) bpf$auto(0x7fffffe, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x5, 0x9, 0x3, 0x80, 0x8, 0x4, 0x1, 0x200, 0x8, 0x401, 0x2, 0xe2, 0x4, 0xd}, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r4, 0x0, 0x100000a3d7) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sg0\x00', 0x165000, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r5, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) dup$auto(0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x1000000008000) unshare$auto(0x40000080) ioctl$auto_BINDER_SET_CONTEXT_MGR(r2, 0x40046207, &(0x7f0000000200)="3de946098a0c903f0ed8b596470b32995910a626ef6495be189e7e49981164e3621d1403f4755992b6897d6c53cb7c") 4.555405252s ago: executing program 1 (id=3363): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x2, 0x801, 0x106) sendmsg$auto_NL80211_CMD_SET_QOS_MAP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x40080}, 0x24008041) close_range$auto(0x0, 0xfffffffffffff000, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xebd, r0, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r2 = openat$auto_bm_status_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f00000002c0), 0x430680, 0x0) read$auto_bm_status_operations_binfmt_misc(r2, &(0x7f0000000300)=""/160, 0xa0) mremap$auto(0x0, 0xffffffffffffffff, 0x3fd6, 0x3, 0x7fffffffb000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r3 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000240)='/dev/snd/pcmC1D0c\x00', 0x1, 0x0) ioctl$auto___SNDRV_PCM_IOCTL_SYNC_PTR642(r3, 0xc0884123, 0x0) r4 = syz_genetlink_get_family_id$auto_nlbl_unlbl(&(0x7f0000000080), r0) sendmsg$auto_NLBL_UNLABEL_C_LIST(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="28651e00", @ANYRES16=r4, @ANYBLOB="100028bd7000fedbdf250200000014000200fe800000000000000000000000000027"], 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x800) r5 = open(&(0x7f0000000100)='.\x00', 0x40000, 0x0) pread64$auto(r0, &(0x7f0000000280)='+:\x00', 0x5, 0xe) getdents64$auto(r5, 0x0, 0x400) clone$auto(0x100000020003b49, 0x80000000002, 0x0, 0x0, 0x4) r6 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(r6, 0xfffffffffffff000, 0x2) r7 = landlock_create_ruleset$auto(&(0x7f0000000000)={0x100000006, 0x400, 0xc}, 0x9, 0xe1e) pwrite64$auto(r7, &(0x7f00000003c0)='/proc/sys/fs/binfmt_misc/status\x00', 0x4, 0x8) landlock_add_rule$auto(r6, 0x1, 0x0, 0x0) landlock_restrict_self$auto(r0, 0x0) creat$auto(0x0, 0x3ff) 4.511480702s ago: executing program 4 (id=3364): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a9402, 0x0) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x800) timer_create$auto(0x9, 0x0, 0x0) read$auto(0x3, 0x0, 0x8080) socket(0xa, 0x1, 0x100) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) fsconfig$auto(r0, 0x800, &(0x7f0000000040)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/power/wakeup_abort_count\x00', 0x0, 0x0) write$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffffff, &(0x7f00000001c0), 0x0) process_mrelease$auto(0xffffffffffffffff, 0xa) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mount$auto(0x0, 0xfffffffffffffffe, 0x0, 0x80, 0xfffffffffffffffe) ioctl$auto_BCH_IOCTL_DISK_GET_IDX(r2, 0x4008bc0d, &(0x7f0000000080)={0x8}) write$auto(r1, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6) r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/ext4/sda1/es_shrinker_info\x00', 0x8880, 0x0) read$auto_proc_iter_file_ops_compat_inode(r3, &(0x7f0000000040)=""/27, 0x1b) mkdir$auto(&(0x7f0000000100)='./file0\x00', 0xff) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x802, 0x0) socket(0x2, 0x1, 0x106) mmap$auto(0x1000000000, 0x100000400008, 0x1000000000000df, 0x4000009b73, r2, 0x8000) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000000c0), 0x200040, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x14, 0x944, 0x1ffe0, 0x3, 0x6, 0x2, 0x9, 0x5, 0xfff, 0x7, 0x8001, 0x2, 0x5, 0x3, 0x40, 0x7, 0x0, 0x0, 0x6, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}, 0x1fe, 0x81) r4 = socket(0x2c, 0x2, 0x0) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='T'], 0x1ac}, 0x1, 0x0, 0x0, 0x801}, 0x40000) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 3.279592413s ago: executing program 1 (id=3369): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010025bd7000fddbdf2503000000040007800c0002000500000000000003080001"], 0x2c}, 0x1, 0x0, 0x0, 0x20004080}, 0x8880) 3.14970888s ago: executing program 4 (id=3370): r0 = socket(0x2, 0x801, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6d) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020209, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = socket(0x2b, 0x1, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x480401, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x4, 0x0, 0x2, 0x4}, 0x8}, 0x5, 0x20000000) sendmsg$auto_ETHTOOL_MSG_TSCONFIG_SET(r0, 0x0, 0x24044010) close_range$auto(0x2, 0x8, 0x0) 2.93298123s ago: executing program 4 (id=3372): sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4000804) (async) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x14, 0x7, 0x63, 0x0, 0x0, 0x0, 0x0, 0x40000000000f, 0x1000, 0xfffffffffffffffd, 0x7ffffffd, 0x4000000000009, 0xffffffff7ffffffc, 0x9, 0xf, 0x200000100103}) (async, rerun: 64) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 64) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async, rerun: 64) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async, rerun: 64) prctl$auto(0x5, 0x80000000, 0x0, 0x74, 0x8) (async) mmap$auto(0x5000000000, 0x810004, 0x0, 0x15, 0x3, 0xc42) (async) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa) syz_clone(0x21000000, 0x0, 0x0, 0x0, 0x0, 0x0) shmdt$auto(&(0x7f0000000000)='(\x00') (async) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) (async, rerun: 32) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x201, 0x0) (rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x149942, 0x0) ioctl$auto_TIOCVHANGUP2(r1, 0x5437, 0x0) mmap$auto(0xfffffffffffffffe, 0x400008, 0xdf, 0x800009b71, 0x2, 0x9) sysinfo$auto(&(0x7f0000000100)={0x5, [0x404, 0xc, 0x100], 0x200, 0xd5, 0x0, 0x6, 0x6, 0x1, 0x7f, 0x0, 0x100000000, 0x7, 0x6}) (async, rerun: 64) process_vm_readv$auto(0x0, &(0x7f0000000080)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={0x0, 0x40000000001243}, 0xa, 0x0) (rerun: 64) setsockopt$auto(r0, 0x0, 0x60, 0x0, 0x6f7250c4) (async) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x400, 0x0) (async) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async, rerun: 32) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) (rerun: 32) ioctl$auto_TCSBRKP2(r2, 0x5425, 0x0) io_uring_setup$auto(0x1, 0x0) (async, rerun: 32) close_range$auto(0x2, 0xa, 0x0) (async, rerun: 32) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r3, 0x5408, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/loop9/queue/nr_requests\x00', 0x189202, 0x0) sendfile$auto(r4, r4, 0x0, 0x3) 2.854348127s ago: executing program 1 (id=3373): socket(0x1e, 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) open_tree_attr$auto(r0, 0x0, 0x45, 0x0, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r0, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(0xffffffffffffffff, 0x10f, 0x4, 0x0, 0x14) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x20000080) r1 = openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) write$auto(r1, &(0x7f0000000200)='&\x00', 0x8) syz_clone3(&(0x7f0000000300)={0x28020400, 0x0, 0x0, 0x0, {0x35}, 0x0, 0x0, 0x0, 0x0}, 0x58) socket(0x15, 0xa, 0x106) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) r3 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f00000002c0), 0x80000, 0x0) ioctl$auto_UBI_IOCATT(r3, 0x40186f40, &(0x7f0000000000)={0xffffffff, 0x1, 0xf7d, 0x70, 0x1, 0x1}) sysfs$auto(0x2, 0xd, 0x0) r4 = fsopen$auto(0x0, 0x1) fsconfig$auto(r4, 0x8, 0x0, 0x0, 0x0) fsconfig$auto_FSCONFIG_SET_BINARY(r4, 0x2, &(0x7f0000000300)='\v\'\bn\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x1e7\xbb\xedO#\x14mC\x97\x06\xd9bZ\xddL\'\x03\x00\xff\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\xc6\xc0\x8b\xc0CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xf0\xcdr\xfa\xed<\x86[c4%\xa3\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6\b\xe5\xaaJ+\x02\x9b#\xa9\x9b\x17\x82\xd7\xee\xd1\xbf2\x03\x00\x00\x00\x00\x00\x00\x00B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\x00\x00\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\xb2\x1d\xb3\xef#\xcb}b\x90\xafR\xf5\x8cg\x95A\x89\x8d\x9a\xfcV\x9bm\xd4\x82\x7f9\x12\x98\x1c\x8e\x1f\xdc\xe5Y\x7f\xe8\xe1g%\xb8\xf9b!\xc8\xa0\xf7\x06\xbb\xdf\x1d\xfb\x00\x979\x8e\xd0AP\xbf\x1fM\x1fd~\xeeS^8v\x80\x1b\xb1I\xb1\xa4\x89\xc7\x9d\xf2P\x04\x99N{\x9a\xfa\xf3\xcb\xc3Bx\xb5\xb8*\xa0-\xda\x84\xc5S\xe2\xc6\x92/\xed\xc2\xceK\xad\x00\x00*)Hh\x8d\x06cQ\xf1\x9d\xad\r}\x15e\x18\x06\xe3\xd2\xe4Q', &(0x7f00000000c0)="9ace9853156d346074829a6a60ebf67c475dd49ef8432151f22c27f4b1213b19bff0738d2582d9", 0x5) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x401, 0x0) syz_clone(0x519fe2330e8225a8, 0x0, 0x44, 0x0, 0x0, 0x0) getsockopt$auto(0xffffffffffffffff, 0x84, 0x1, 0x0, 0x0) 2.282401741s ago: executing program 3 (id=3377): openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) (async) r0 = openat$auto_fops_init_pkru_pkeys(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, r0, 0x8000) r1 = socket(0x11, 0x80003, 0x300) name_to_handle_at$auto(0xffffffffffffffff, &(0x7f00000001c0)='/\x00', &(0x7f0000000400)={0x0, 0x10}, 0x0, 0x1001) (async) setsockopt$auto(r1, 0x107, 0x12, 0x0, 0x4) r2 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) (async) sendmmsg$auto(r2, &(0x7f00000006c0)={{&(0x7f0000000000), 0x5ae, &(0x7f0000000100)={&(0x7f0000000200)="4c0300", 0x101}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x2, 0x100) 1.972272883s ago: executing program 3 (id=3378): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = bpf$auto(0x24, 0x0, 0x8) r1 = socket(0x2, 0x1, 0x106) bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) mmap$auto(0x0, 0x10000c5, 0x0, 0x40eb2, 0x402, 0x300000000000) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) write$auto(0x3, 0x0, 0xfffffdef) close_range$auto(0x2, 0x8, 0x0) epoll_ctl$auto_EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x1000, 0x8000000000000001}) r2 = socket(0x2, 0x3, 0x100) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) socket(0x10, 0x2, 0x4) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff050006000100", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) sendmsg$auto_NFSD_CMD_POOL_MODE_GET(r2, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x0, 0x200, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x0) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) mount$auto(0x0, &(0x7f00000001c0)='}[,&*}\x00', 0x0, 0x7fff, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc6}, 0x1, 0x0, 0x2, 0x9}, 0x7}, 0x3, 0xa6) 1.881156338s ago: executing program 4 (id=3379): select$auto(0xd, &(0x7f00000000c0)={[0x5, 0x9, 0x3, 0x3, 0x2, 0xb8, 0x0, 0x9, 0x8000000000000001, 0xffffffffffffff73, 0x8001, 0x2, 0xfffffffffffffffd, 0x8, 0x0, 0xa]}, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x88000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$auto(r0, 0x1, 0xd, &(0x7f0000000300)='\x00', &(0x7f0000000340)=0x6) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) r1 = socket(0x18, 0x2, 0x7) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r2 = ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$auto(0x3, 0x8030ae7c, 0xffffffffffffffff) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syz_genetlink_get_family_id$auto_smc_pnetid(0x0, 0xffffffffffffffff) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/cgroup\x00', 0x100800, 0x0) r3 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, 0x0, 0x202, 0xd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000140), 0xffffffffffffffff) statmount$auto(0x0, &(0x7f0000000400)={0x8, 0x3ff, 0x100000003, 0xd77, 0xa, 0x7181, 0x81, 0x7, 0x7, 0x9a89, 0x3, 0x80005, 0x3, 0x1fffffffffff, 0xb4, 0x3, 0x2, 0x161, 0x80, 0xfffffffffffffffc, 0x200, 0xa, 0x22004, 0x200, 0x4, 0x84, 0x1000000000, 0xffffffff, 0x0, 0x4, 0x1, [0x1, 0x0, 0xea4, 0x9cf, 0x200000, 0x0, 0x0, 0x40000000000, 0x0, 0x2, 0x1000000, 0x0, 0x1, 0x5, 0xfffffffffffffffe, 0x0, 0x100000000, 0x40000000000, 0x6, 0x4, 0x5, 0x80800, 0x0, 0x0, 0xfffffffffffffffe, 0x5, 0x0, 0x1, 0xcb, 0x4000000002, 0x0, 0x0, 0x4, 0x4, 0x0, 0x0, 0x3, 0x100000000, 0x0, 0x10000], "ff6b1d55e2bb585e14b333b68361380000000033008a4a86f163c56877b57a2888d7109e437c681e371db0a6a1b603b28417f08dedcd4a5817b8a27399b335a7d5cb7a9eb4609f128963b1f6b185a3fa90d395cce31ff50986fe7cd57a2007bb122327ccbced773c5b06d6c2b08731910280fba3c6c00f8634c3e8a22801161e001c9afc4465b3333cc81ce5f25a6b18d78d8cc2792109000000000000000e189d1a3da64a64416014233a91"}, 0x1fe, 0xe) sendmsg$auto_NETDEV_CMD_QUEUE_GET(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4801}, 0x4008000) r4 = socket(0x2b, 0x1, 0x8) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x3f, &(0x7f0000000380)={&(0x7f0000001040), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xda5c}, 0x80000000}, 0x7, 0x0) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x5}, 0x7, 0x0) r5 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(r1, &(0x7f0000000000)=@can={0x1d, r6}, 0x6a) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0xffffffffffffffff, 0x300000000000) io_uring_setup$auto(0x6, 0x0) 1.792267232s ago: executing program 3 (id=3380): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x3, 0x4001}, 0x4006b) mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000) unshare$auto(0x40000080) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/conf/geneve0/disable_policy\x00', 0x40180, 0x0) close_range$auto(0x2, 0x8, 0x0) semctl$auto(0xa, 0x2, 0x13, 0xde) r2 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) ioctl$auto_I2C_SMBUS(r2, 0x720, &(0x7f0000000080)="8ec40fd419ba7ea6214186c0a8f940989326669cebe4ae7665bd85eca41bd7b66dced4c378a423dd1fc256f984c0a71ff7") recvmmsg$auto(0x3, 0x0, 0x80000401, 0x4000, 0x0) write$auto(r1, 0x0, 0x5) r3 = socket(0x11, 0xa, 0x9) bind$auto(r3, &(0x7f0000000140)=@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x38}}, 0x9) mkdir$auto(&(0x7f0000000080)='./file0\x00', 0x1) rmdir$auto(&(0x7f0000000280)='./file0\x00') socket(0x29, 0x6, 0xf) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) sendmsg$auto_OVS_FLOW_CMD_SET(r2, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x90}, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x2b, 0x1, 0x0) listen$auto(0x3, 0x81) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kpagecount\x00', 0x0, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) write$auto(r0, &(0x7f0000000040)='#*(\x00', 0x4) 1.294232477s ago: executing program 1 (id=3381): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010025bd7000fddbdf2503000000040007800c0002000500000000000000080001"], 0x2c}, 0x1, 0x300, 0x0, 0x20004080}, 0x8880) 1.153759883s ago: executing program 3 (id=3382): r0 = socket(0xa, 0x802, 0x3a) setsockopt$auto(r0, 0x29, 0x21, &(0x7f0000000880)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\xff\x1b\x01\x1e\xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\xf2Vw\xbe\x1c$\xddm\x8a\x9d\x91_\vBj\x0eQ\xce\x16\'C\x8c\x01\x80\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\x00\x00\x00\x00\xe4\xa5\xfe\xb5h\xae\xec%\xf9\x94>\xd6,\xf3\x98\'\xb0\t~~\xb4\x98\xbb3=A\x9c\x17\xaa\xce\fh-M\xdb-\x15VX\xfe\xca+\xb5\x95\xb3JL\x0fl\xe84\xbd\xa3nO\x9f\xfa\xb1\x06$\b$i3\x83\xd7\x06\xd6\x1e\xdbB\x9bb\x1cXC\x8c\x8b\xd9\xff\xf2Bf\x99!Z\x13\xff\xca\xf3e\x015\x9b\x86\xd6$\x1a\r3\x91\xb7\x942\xeb\xadVA\xfc\x1f\xbf1\xb7T\xc1\xbf\xc0\xc2\xfc\xe8w\xd33\xb2,\xb0\x9fA3\xc2\xa2\x1cM\x825\x94U\xbbNeb\xd2\xa9\x0f\xed\x8b\xea\xfa\x8a\x04.\xffMIw\x0f\xd6\xae^\xd2\xf1j\xcb\r\xa4\x1d0d\xca\x81\x9c\x80GL\x0e\xe6\x19\x8au\x1a7\xc5|\xf6\x1e\xe00\xc6\"\x83\x1c\xa2\x9e\a\x1c\xea\xa3\x9c\xe1BF\x05b\xf6\xdcf\x04\xd9B\xb9\x98\x9cq\xbd\xfb\xb5~\xf2\x8d\x9f`\xec\xd0\xafY\xcf\x84', 0x18000113) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "3d64dc8bff7fff7f610000000024"}, 0x55) getsockopt$auto_SO_ERROR(r0, 0x101, 0x4, &(0x7f0000000000)='-!$%:^*-Z/@:.+}-)]\x00', &(0x7f0000000040)=0xfffff801) getpeername$auto(0x3, 0x0, 0x0) 991.435292ms ago: executing program 3 (id=3383): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) read$auto(r0, &(0x7f0000001200)='\x00', 0x4) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000140)="3318cb") r1 = pipe2$auto(0x0, 0x80) mmap$auto(0x0, 0x202100a, 0x8, 0x2000000000000eb3, 0xfffffffffffffffa, 0x8002) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_hcd.1/usb2/2-0:1.0/ep_81/type\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) ioctl$auto_SNDCTL_DSP_CHANNELS(r0, 0xc0045006, 0x0) recvfrom$auto(r1, &(0x7f0000000080)="aa8102199fd0b87f52fb0cfb15d628d1b3a8a16c4aefc6ce9c12e2fc90260793045a8c0c7048e9c0d84b8a9ec545b68bc7407608e48f528f9db7fa4f88155336", 0x8000000000000001, 0x2, &(0x7f0000000180)=@vsock={0x28, 0x0, 0x2711, @host}, &(0x7f00000001c0)=0x2) openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) read$auto(0x3, 0x0, 0x80) readv$auto(0x3, &(0x7f0000000040)={0x0}, 0x1) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) mmap$auto(0x0, 0x200009, 0x2, 0x48eb1, 0xffffffffffffffff, 0x300000000000) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) madvise$auto(0x0, 0x6, 0x66) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0xe779, 0x400000000007, 0xdf, 0x13, 0xffffffffffffffff, 0x2) socket(0xa, 0x1, 0x84) socket(0x28, 0x5, 0x0) bind$auto(0x3, 0x0, 0x6a) socket(0x23, 0xa, 0x4) 883.760771ms ago: executing program 4 (id=3384): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy9/netdev:wlan1/stations/08:02:11:00:00:00/flags\x00', 0x301483, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) lsm_list_modules$auto(0x0, 0x0, 0x0) r0 = socket(0x2, 0x801, 0x106) sendmsg$auto_ETHTOOL_MSG_LINKMODES_GET(r0, 0x0, 0x24040000) getsockopt$auto(r0, 0x11c, 0x3, 0x0, 0x0) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) write$auto(0xca, 0x0, 0x2b) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) shutdown$auto(0x200000003, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000040), 0xffffffffffffffff) getsockopt$auto(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0) sendmsg$auto_GTP_CMD_NEWPDP(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x54, 0x0, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@GTPA_FLOW={0x6, 0x6, 0x5}, @GTPA_VERSION={0x8, 0x2, 0x3}, @GTPA_PEER_ADDRESS={0x8, 0x4, @rand_addr=0x64010101}, @GTPA_FLOW={0x6, 0x6, 0xfc00}, @GTPA_LINK={0x8, 0x1, 0x80000007}, @GTPA_LINK={0x8, 0x1, 0x80000001}, @GTPA_I_TEI={0x8, 0x8, 0x5e}, @GTPA_MS_ADDRESS={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x29}}]}, 0x54}, 0x1, 0x0, 0x0, 0x4040080}, 0x20000040) sendmsg$auto_IOAM6_CMD_DUMP_NAMESPACES(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)={0x14, r2, 0x70b, 0x70bd24, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4040041}, 0xc840) write$auto(r1, 0x0, 0x800) 824.377334ms ago: executing program 1 (id=3385): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0xe8) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, 0x0, 0x200, 0x0) r2 = socket(0x23, 0x2, 0x0) ioctl$auto(r2, 0x89ef, 0xffffffffffffffff) ioctl$auto_FS_IOC_UNRESVSP64(0xffffffffffffffff, 0x4030581e, 0xffffffffffff0001) r3 = socket(0xa, 0x801, 0x84) connect$auto(r3, 0x0, 0x856) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x14, r5, 0x1, 0x70bd2c, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) 721.019665ms ago: executing program 4 (id=3386): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0xe8) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, 0x0, 0x200, 0x0) r2 = socket(0x23, 0x2, 0x0) ioctl$auto(r2, 0x89ef, 0xffffffffffffffff) ioctl$auto_FS_IOC_UNRESVSP64(0xffffffffffffffff, 0x4030581e, 0xffffffffffff0001) r3 = socket(0xa, 0x801, 0x84) connect$auto(r3, 0x0, 0x856) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x14, r5, 0x1, 0x70bd2c, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) 0s ago: executing program 3 (id=3387): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x1) r0 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r0, 0x107, 0x7, 0x0, 0x108000) unshare$auto(0x40000080) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x73) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card1/pcm0p/sub7/info\x00', 0x40, 0x0) read$auto(r1, 0x0, 0x100000000) r2 = socket(0x23, 0x2, 0x0) ioctl$auto(r2, 0x89a2, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x2, 0x0) r4 = io_uring_setup$auto(0x86, 0x0) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r4) sendmsg$auto_NL80211_CMD_SET_POWER_SAVE(r4, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="24000000de92513e12f2ed0c82c48b992c9e6d8095f65296581c5b8a99fc6e9638446146cd4d82edaae13b420000000000000006f03fbc51978f29037c153810729f191b248fc274de5fa82364", @ANYRES16=r5, @ANYBLOB="02022cbd7000fbdbdf253d000000080022010600000008000500f9ffffff"], 0x24}, 0x1, 0x0, 0x0, 0x20000841}, 0x4004004) sendmsg$auto_NL80211_CMD_CONTROL_PORT_FRAME(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000200)={0x24, r5, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@NL80211_ATTR_SSID={0xd, 0x34, "fc36eb88d2aae5bd49"}]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x4) ioctl$auto_EVIOCGMASK(r3, 0x80104592, &(0x7f0000000000)={0x2000, 0x800004, 0x9}) write$auto(0x3, 0x0, 0x4fffffdf2) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x1) (async) socket(0x11, 0x80003, 0x300) (async) setsockopt$auto(r0, 0x107, 0x7, 0x0, 0x108000) (async) unshare$auto(0x40000080) (async) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket(0xa, 0x2, 0x73) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card1/pcm0p/sub7/info\x00', 0x40, 0x0) (async) read$auto(r1, 0x0, 0x100000000) (async) socket(0x23, 0x2, 0x0) (async) ioctl$auto(r2, 0x89a2, 0x8) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x2, 0x0) (async) io_uring_setup$auto(0x86, 0x0) (async) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r4) (async) sendmsg$auto_NL80211_CMD_SET_POWER_SAVE(r4, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="24000000de92513e12f2ed0c82c48b992c9e6d8095f65296581c5b8a99fc6e9638446146cd4d82edaae13b420000000000000006f03fbc51978f29037c153810729f191b248fc274de5fa82364", @ANYRES16=r5, @ANYBLOB="02022cbd7000fbdbdf253d000000080022010600000008000500f9ffffff"], 0x24}, 0x1, 0x0, 0x0, 0x20000841}, 0x4004004) (async) sendmsg$auto_NL80211_CMD_CONTROL_PORT_FRAME(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000200)={0x24, r5, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@NL80211_ATTR_SSID={0xd, 0x34, "fc36eb88d2aae5bd49"}]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x4) (async) ioctl$auto_EVIOCGMASK(r3, 0x80104592, &(0x7f0000000000)={0x2000, 0x800004, 0x9}) (async) write$auto(0x3, 0x0, 0x4fffffdf2) (async) kernel console output (not intermixed with test programs): RDI: 00007f367541609c [ 501.809463][T14925] RBP: 00007f3675416090 R08: 0000000000000000 R09: 0000000000000000 [ 501.809472][T14925] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 501.809480][T14925] R13: 00007f3675416128 R14: 00007fff4c006cd0 R15: 00007fff4c006db8 [ 501.809499][T14925] [ 503.445824][T14923] random: crng reseeded on system resumption [ 504.235782][T14953] binder: 14952:14953 ioctl 4018620d 9 returned -22 [ 504.948420][T14975] lo: entered allmulticast mode [ 505.020277][T14975] lo: left allmulticast mode [ 505.192099][T14985] lo: entered allmulticast mode [ 505.269085][T14985] lo: left allmulticast mode [ 505.794664][T15000] FAULT_INJECTION: forcing a failure. [ 505.794664][T15000] name failslab, interval 1, probability 0, space 0, times 0 [ 505.890814][T15000] CPU: 0 UID: 0 PID: 15000 Comm: syz.1.2682 Tainted: G L syzkaller #0 PREEMPT(full) [ 505.890842][T15000] Tainted: [L]=SOFTLOCKUP [ 505.890847][T15000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 505.890856][T15000] Call Trace: [ 505.890861][T15000] [ 505.890867][T15000] dump_stack_lvl+0x100/0x190 [ 505.890901][T15000] should_fail_ex.cold+0x5/0xa [ 505.890919][T15000] ? lsm_blob_alloc+0x68/0x90 [ 505.890940][T15000] should_failslab+0xc2/0x120 [ 505.890955][T15000] __kmalloc_noprof+0xe0/0x850 [ 505.890975][T15000] ? trace_kmalloc+0x101/0x130 [ 505.890992][T15000] lsm_blob_alloc+0x68/0x90 [ 505.891008][T15000] security_sk_alloc+0x2d/0x290 [ 505.891028][T15000] sk_prot_alloc+0x12a/0x2a0 [ 505.891049][T15000] sk_alloc+0x36/0xe80 [ 505.891064][T15000] __netlink_create+0x5e/0x2c0 [ 505.891078][T15000] ? __wake_up+0x3f/0x60 [ 505.891095][T15000] netlink_create+0x293/0x610 [ 505.891110][T15000] ? __pfx_genl_bind+0x10/0x10 [ 505.891127][T15000] ? __pfx_genl_unbind+0x10/0x10 [ 505.891144][T15000] ? __pfx_genl_release+0x10/0x10 [ 505.891164][T15000] __sock_create+0x339/0x860 [ 505.891188][T15000] __sys_socket+0x14d/0x260 [ 505.891208][T15000] ? exc_page_fault+0x6f/0xd0 [ 505.891225][T15000] ? __pfx___sys_socket+0x10/0x10 [ 505.891247][T15000] ? do_user_addr_fault+0x8d6/0x12f0 [ 505.891273][T15000] __x64_sys_socket+0x72/0xb0 [ 505.891294][T15000] ? lockdep_hardirqs_on+0x78/0x100 [ 505.891310][T15000] do_syscall_64+0x106/0xf80 [ 505.891326][T15000] ? clear_bhb_loop+0x40/0x90 [ 505.891343][T15000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 505.891358][T15000] RIP: 0033:0x7fe0af79dec7 [ 505.891372][T15000] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 505.891386][T15000] RSP: 002b:00007fe0b059af98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 505.891401][T15000] RAX: ffffffffffffffda RBX: 00007fe0afa15fa0 RCX: 00007fe0af79dec7 [ 505.891411][T15000] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 505.891419][T15000] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 505.891428][T15000] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000000 [ 505.891437][T15000] R13: 00007fe0afa16038 R14: 00007fe0afa15fa0 R15: 00007ffc5ab3d3a8 [ 505.891457][T15000] [ 506.363939][T15007] usb usb15: usbfs: process 15007 (syz.3.2686) did not claim interface 0 before use [ 506.540025][T15024] lo: entered allmulticast mode [ 506.561762][T15024] lo: left allmulticast mode [ 506.566774][T15007] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 507.361908][T15039] block nbd8: shutting down sockets [ 507.941106][T15055] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4. [ 508.952212][ T29] audit: type=1326 audit(1771771582.724:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15081 comm="syz.4.2705" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f367519c629 code=0x0 [ 510.802125][ T29] audit: type=1804 audit(1771771584.554:26): pid=15120 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2714" name="/newroot/107/file0" dev="tmpfs" ino=588 res=1 errno=0 [ 511.018129][T15127] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2715'. [ 511.835692][ T51] Bluetooth: hci5: unexpected event 0x32 length: 727 > 9 [ 512.085708][T15139] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 512.654094][T15161] FAULT_INJECTION: forcing a failure. [ 512.654094][T15161] name failslab, interval 1, probability 0, space 0, times 0 [ 512.774217][T15161] CPU: 0 UID: 8 PID: 15161 Comm: syz.1.2723 Tainted: G L syzkaller #0 PREEMPT(full) [ 512.774244][T15161] Tainted: [L]=SOFTLOCKUP [ 512.774249][T15161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 512.774259][T15161] Call Trace: [ 512.774264][T15161] [ 512.774270][T15161] dump_stack_lvl+0x100/0x190 [ 512.774296][T15161] should_fail_ex.cold+0x5/0xa [ 512.774315][T15161] should_failslab+0xc2/0x120 [ 512.774330][T15161] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 512.774350][T15161] ? cred_alloc_blank+0x1c/0xa0 [ 512.774372][T15161] ? __x64_sys_futex+0x34f/0x4d0 [ 512.774390][T15161] ? __x64_sys_futex+0x358/0x4d0 [ 512.774411][T15161] cred_alloc_blank+0x1c/0xa0 [ 512.774432][T15161] keyctl_session_to_parent+0x55/0xae0 [ 512.774456][T15161] __do_sys_keyctl+0x2b1/0x5a0 [ 512.774477][T15161] do_syscall_64+0x106/0xf80 [ 512.774493][T15161] ? clear_bhb_loop+0x40/0x90 [ 512.774510][T15161] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 512.774526][T15161] RIP: 0033:0x7fe0af79c629 [ 512.774539][T15161] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 512.774554][T15161] RSP: 002b:00007fe0b059c028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 512.774568][T15161] RAX: ffffffffffffffda RBX: 00007fe0afa15fa0 RCX: 00007fe0af79c629 [ 512.774578][T15161] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000012 [ 512.774587][T15161] RBP: 00007fe0af832b39 R08: 0000000000000001 R09: 0000000000000000 [ 512.774596][T15161] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 512.774604][T15161] R13: 00007fe0afa16038 R14: 00007fe0afa15fa0 R15: 00007ffc5ab3d3a8 [ 512.774623][T15161] [ 513.630863][T15184] usb usb15: usbfs: process 15184 (syz.0.2729) did not claim interface 0 before use [ 513.782789][ T51] Bluetooth: hci4: command 0x0406 tx timeout [ 514.104013][T15184] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 514.378792][T15197] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2732'. [ 514.451154][T15199] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2732'. [ 514.497763][T15204] FAULT_INJECTION: forcing a failure. [ 514.497763][T15204] name failslab, interval 1, probability 0, space 0, times 0 [ 514.570740][T15204] CPU: 0 UID: 8 PID: 15204 Comm: syz.4.2734 Tainted: G L syzkaller #0 PREEMPT(full) [ 514.570773][T15204] Tainted: [L]=SOFTLOCKUP [ 514.570779][T15204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 514.570788][T15204] Call Trace: [ 514.570794][T15204] [ 514.570801][T15204] dump_stack_lvl+0x100/0x190 [ 514.570829][T15204] should_fail_ex.cold+0x5/0xa [ 514.570847][T15204] should_failslab+0xc2/0x120 [ 514.570862][T15204] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 514.570883][T15204] ? cred_alloc_blank+0x1c/0xa0 [ 514.570905][T15204] ? __x64_sys_futex+0x34f/0x4d0 [ 514.570923][T15204] ? __x64_sys_futex+0x358/0x4d0 [ 514.570944][T15204] cred_alloc_blank+0x1c/0xa0 [ 514.570965][T15204] keyctl_session_to_parent+0x55/0xae0 [ 514.570989][T15204] __do_sys_keyctl+0x2b1/0x5a0 [ 514.571010][T15204] do_syscall_64+0x106/0xf80 [ 514.571027][T15204] ? clear_bhb_loop+0x40/0x90 [ 514.571045][T15204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 514.571060][T15204] RIP: 0033:0x7f367519c629 [ 514.571074][T15204] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 514.571088][T15204] RSP: 002b:00007f36733f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 514.571103][T15204] RAX: ffffffffffffffda RBX: 00007f3675415fa0 RCX: 00007f367519c629 [ 514.571113][T15204] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000012 [ 514.571123][T15204] RBP: 00007f3675232b39 R08: 0000000000000001 R09: 0000000000000000 [ 514.571131][T15204] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 514.571140][T15204] R13: 00007f3675416038 R14: 00007f3675415fa0 R15: 00007fff4c006db8 [ 514.571163][T15204] [ 515.455645][T15236] vhci_hcd vhci_hcd.2: SetHubDepth req not supported for USB 2.0 roothub [ 515.874279][T15247] FAULT_INJECTION: forcing a failure. [ 515.874279][T15247] name failslab, interval 1, probability 0, space 0, times 0 [ 515.965901][T15247] CPU: 0 UID: 0 PID: 15247 Comm: syz.1.2741 Tainted: G L syzkaller #0 PREEMPT(full) [ 515.965933][T15247] Tainted: [L]=SOFTLOCKUP [ 515.965942][T15247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 515.965952][T15247] Call Trace: [ 515.965957][T15247] [ 515.965963][T15247] dump_stack_lvl+0x100/0x190 [ 515.965991][T15247] should_fail_ex.cold+0x5/0xa [ 515.966010][T15247] should_failslab+0xc2/0x120 [ 515.966025][T15247] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 515.966046][T15247] ? anon_vma_clone+0x2bd/0xc70 [ 515.966068][T15247] anon_vma_clone+0x2bd/0xc70 [ 515.966091][T15247] __split_vma+0x51f/0xd90 [ 515.966113][T15247] ? __pfx___split_vma+0x10/0x10 [ 515.966136][T15247] ? __pfx_mas_prev+0x10/0x10 [ 515.966152][T15247] ? stack_trace_save+0x8e/0xc0 [ 515.966170][T15247] vms_gather_munmap_vmas+0x39f/0x1500 [ 515.966194][T15247] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 515.966216][T15247] ? mas_walk+0x6ef/0x9b0 [ 515.966237][T15247] __mmap_region+0x492/0x29e0 [ 515.966260][T15247] ? __pfx___mmap_region+0x10/0x10 [ 515.966282][T15247] ? ima_store_measurement+0x522/0x5b0 [ 515.966304][T15247] ? kasan_quarantine_put+0x104/0x240 [ 515.966329][T15247] ? find_held_lock+0x2b/0x80 [ 515.966343][T15247] ? process_measurement+0x109c/0x2350 [ 515.966361][T15247] ? process_measurement+0x109c/0x2350 [ 515.966380][T15247] ? ima_store_measurement+0x26a/0x5b0 [ 515.966403][T15247] ? __mutex_unlock_slowpath+0x15c/0x790 [ 515.966428][T15247] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 515.966456][T15247] ? process_measurement+0x1f4/0x2350 [ 515.966499][T15247] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 515.966522][T15247] mmap_region+0x180/0x3e0 [ 515.966547][T15247] do_mmap+0xc63/0x12f0 [ 515.966566][T15247] ? __pfx_do_mmap+0x10/0x10 [ 515.966581][T15247] ? __pfx_down_write_killable+0x10/0x10 [ 515.966604][T15247] vm_mmap_pgoff+0x29e/0x470 [ 515.966623][T15247] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 515.966637][T15247] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 515.966663][T15247] ? hugetlbfs_get_inode+0x36e/0x750 [ 515.966693][T15247] ksys_mmap_pgoff+0x273/0x650 [ 515.966709][T15247] ? __x64_sys_futex+0x358/0x4d0 [ 515.966728][T15247] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 515.966743][T15247] ? xfd_validate_state+0x129/0x190 [ 515.966768][T15247] __x64_sys_mmap+0x125/0x190 [ 515.966792][T15247] do_syscall_64+0x106/0xf80 [ 515.966807][T15247] ? clear_bhb_loop+0x40/0x90 [ 515.966825][T15247] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 515.966840][T15247] RIP: 0033:0x7fe0af79c629 [ 515.966854][T15247] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 515.966868][T15247] RSP: 002b:00007fe0b059c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 515.966883][T15247] RAX: ffffffffffffffda RBX: 00007fe0afa15fa0 RCX: 00007fe0af79c629 [ 515.966893][T15247] RDX: 0000000000000004 RSI: 0000000000000005 RDI: 0000200000000000 [ 515.966903][T15247] RBP: 00007fe0af832b39 R08: 0000000000000401 R09: 0000300000000000 [ 515.966912][T15247] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 515.966921][T15247] R13: 00007fe0afa16038 R14: 00007fe0afa15fa0 R15: 00007ffc5ab3d3a8 [ 515.966940][T15247] [ 516.642334][T15258] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2753'. [ 516.989657][T15263] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ [ 517.253669][T15264] bond0: option slaves: interface -Âô]àæ©=,Dçon?ïI|›a CB does not exist! [ 518.077115][T15289] vhci_hcd vhci_hcd.2: SetHubDepth req not supported for USB 2.0 roothub [ 518.752902][T15308] FAULT_INJECTION: forcing a failure. [ 518.752902][T15308] name failslab, interval 1, probability 0, space 0, times 0 [ 518.863414][T15308] CPU: 0 UID: 8 PID: 15308 Comm: syz.1.2758 Tainted: G L syzkaller #0 PREEMPT(full) [ 518.863441][T15308] Tainted: [L]=SOFTLOCKUP [ 518.863446][T15308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 518.863456][T15308] Call Trace: [ 518.863461][T15308] [ 518.863467][T15308] dump_stack_lvl+0x100/0x190 [ 518.863494][T15308] should_fail_ex.cold+0x5/0xa [ 518.863513][T15308] should_failslab+0xc2/0x120 [ 518.863528][T15308] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 518.863549][T15308] ? cred_alloc_blank+0x1c/0xa0 [ 518.863570][T15308] ? __x64_sys_futex+0x34f/0x4d0 [ 518.863589][T15308] ? __x64_sys_futex+0x358/0x4d0 [ 518.863611][T15308] cred_alloc_blank+0x1c/0xa0 [ 518.863632][T15308] keyctl_session_to_parent+0x55/0xae0 [ 518.863656][T15308] __do_sys_keyctl+0x2b1/0x5a0 [ 518.863677][T15308] do_syscall_64+0x106/0xf80 [ 518.863693][T15308] ? clear_bhb_loop+0x40/0x90 [ 518.863711][T15308] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 518.863726][T15308] RIP: 0033:0x7fe0af79c629 [ 518.863739][T15308] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 518.863754][T15308] RSP: 002b:00007fe0b059c028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 518.863769][T15308] RAX: ffffffffffffffda RBX: 00007fe0afa15fa0 RCX: 00007fe0af79c629 [ 518.863779][T15308] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000012 [ 518.863788][T15308] RBP: 00007fe0af832b39 R08: 0000000000000001 R09: 0000000000000000 [ 518.863797][T15308] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 518.863806][T15308] R13: 00007fe0afa16038 R14: 00007fe0afa15fa0 R15: 00007ffc5ab3d3a8 [ 518.863825][T15308] [ 519.086583][T15311] phram: parameter too long [ 519.102978][T15322] phram: not enough arguments [ 519.538009][T15331] : renamed from team0 (while UP) [ 519.848410][T15337] vhci_hcd vhci_hcd.2: SetHubDepth req not supported for USB 2.0 roothub [ 520.422536][T15356] lo: entered allmulticast mode [ 520.480671][T15351] lo: left allmulticast mode [ 522.320330][T15397] lo: entered allmulticast mode [ 522.398616][T15397] lo: left allmulticast mode [ 522.588121][T15402] debugfs: '!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' already exists in 'ieee80211' [ 522.682269][T15406] bond0: option slaves: interface -Âô]àæ©=,Dçon?ïI|›a CB does not exist! [ 523.695232][T15424] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(14) [ 524.287881][T15441] delete_channel: no stack [ 524.565633][T15458] debugfs: '!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' already exists in 'ieee80211' [ 524.625063][T15460] bond0: option slaves: interface -Âô]àæ©=,Dçon?ïI|›a CB does not exist! [ 525.589746][T15480] openvswitch: netlink: IP tunnel dst address not specified [ 526.082696][T15492] lo: entered allmulticast mode [ 526.148929][T15492] lo: left allmulticast mode [ 526.512410][T15505] FAULT_INJECTION: forcing a failure. [ 526.512410][T15505] name failslab, interval 1, probability 0, space 0, times 0 [ 526.575631][T15505] CPU: 0 UID: 8 PID: 15505 Comm: syz.0.2806 Tainted: G L syzkaller #0 PREEMPT(full) [ 526.575660][T15505] Tainted: [L]=SOFTLOCKUP [ 526.575666][T15505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 526.575675][T15505] Call Trace: [ 526.575681][T15505] [ 526.575686][T15505] dump_stack_lvl+0x100/0x190 [ 526.575724][T15505] should_fail_ex.cold+0x5/0xa [ 526.575743][T15505] should_failslab+0xc2/0x120 [ 526.575759][T15505] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 526.575780][T15505] ? cred_alloc_blank+0x1c/0xa0 [ 526.575802][T15505] ? __x64_sys_futex+0x34f/0x4d0 [ 526.575820][T15505] ? __x64_sys_futex+0x358/0x4d0 [ 526.575841][T15505] cred_alloc_blank+0x1c/0xa0 [ 526.575862][T15505] keyctl_session_to_parent+0x55/0xae0 [ 526.575886][T15505] __do_sys_keyctl+0x2b1/0x5a0 [ 526.575907][T15505] do_syscall_64+0x106/0xf80 [ 526.575923][T15505] ? clear_bhb_loop+0x40/0x90 [ 526.575945][T15505] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 526.575961][T15505] RIP: 0033:0x7f01b799c629 [ 526.575974][T15505] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 526.575990][T15505] RSP: 002b:00007f01b88e8028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 526.576006][T15505] RAX: ffffffffffffffda RBX: 00007f01b7c15fa0 RCX: 00007f01b799c629 [ 526.576015][T15505] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000012 [ 526.576025][T15505] RBP: 00007f01b7a32b39 R08: 0000000000000001 R09: 0000000000000000 [ 526.576034][T15505] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 526.576042][T15505] R13: 00007f01b7c16038 R14: 00007f01b7c15fa0 R15: 00007ffd4c9afbe8 [ 526.576061][T15505] [ 527.012833][T15514] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(12) [ 527.535969][T15506] Invalid ELF header magic: != ELF [ 529.000133][T15555] FAULT_INJECTION: forcing a failure. [ 529.000133][T15555] name failslab, interval 1, probability 0, space 0, times 0 [ 529.116879][ T51] Bluetooth: hci5: command 0x0406 tx timeout [ 529.352490][T15555] CPU: 0 UID: 0 PID: 15555 Comm: syz.0.2814 Tainted: G L syzkaller #0 PREEMPT(full) [ 529.352516][T15555] Tainted: [L]=SOFTLOCKUP [ 529.352521][T15555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 529.352530][T15555] Call Trace: [ 529.352535][T15555] [ 529.352541][T15555] dump_stack_lvl+0x100/0x190 [ 529.352567][T15555] should_fail_ex.cold+0x5/0xa [ 529.352585][T15555] ? tomoyo_realpath_from_path+0xb6/0x690 [ 529.352607][T15555] should_failslab+0xc2/0x120 [ 529.352621][T15555] __kmalloc_noprof+0xe0/0x850 [ 529.352646][T15555] tomoyo_realpath_from_path+0xb6/0x690 [ 529.352665][T15555] tomoyo_check_open_permission+0x2af/0x3c0 [ 529.352688][T15555] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 529.352710][T15555] ? do_file_open+0x20e/0x430 [ 529.352723][T15555] ? do_syscall_64+0x106/0xf80 [ 529.352739][T15555] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 529.352770][T15555] ? do_raw_spin_lock+0x128/0x260 [ 529.352793][T15555] ? path_get+0x61/0x80 [ 529.352810][T15555] tomoyo_file_open+0x6b/0x90 [ 529.352829][T15555] security_file_open+0xb5/0x1e0 [ 529.352843][T15555] do_dentry_open+0x5aa/0x1660 [ 529.352868][T15555] ? security_inode_permission+0xbf/0x250 [ 529.352893][T15555] vfs_open+0x82/0x3f0 [ 529.352912][T15555] path_openat+0x208c/0x31a0 [ 529.352932][T15555] ? __pfx_path_openat+0x10/0x10 [ 529.352953][T15555] do_file_open+0x20e/0x430 [ 529.352968][T15555] ? __pfx_do_file_open+0x10/0x10 [ 529.352996][T15555] ? alloc_fd+0x476/0x790 [ 529.353020][T15555] ? do_getname+0x191/0x390 [ 529.353039][T15555] do_sys_openat2+0x10d/0x1e0 [ 529.353061][T15555] ? __pfx_do_sys_openat2+0x10/0x10 [ 529.353085][T15555] __x64_sys_openat+0x12d/0x210 [ 529.353104][T15555] ? __pfx___x64_sys_openat+0x10/0x10 [ 529.353129][T15555] do_syscall_64+0x106/0xf80 [ 529.353144][T15555] ? clear_bhb_loop+0x40/0x90 [ 529.353162][T15555] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 529.353177][T15555] RIP: 0033:0x7f01b799c629 [ 529.353190][T15555] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 529.353205][T15555] RSP: 002b:00007f01b88e8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 529.353220][T15555] RAX: ffffffffffffffda RBX: 00007f01b7c15fa0 RCX: 00007f01b799c629 [ 529.353229][T15555] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 529.353238][T15555] RBP: 00007f01b7a32b39 R08: 0000000000000000 R09: 0000000000000000 [ 529.353247][T15555] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 529.353255][T15555] R13: 00007f01b7c16038 R14: 00007f01b7c15fa0 R15: 00007ffd4c9afbe8 [ 529.353274][T15555] [ 529.353280][T15555] ERROR: Out of memory at tomoyo_realpath_from_path. [ 529.704712][T15567] FAULT_INJECTION: forcing a failure. [ 529.704712][T15567] name failslab, interval 1, probability 0, space 0, times 0 [ 529.749637][T15567] CPU: 0 UID: 8 PID: 15567 Comm: syz.1.2816 Tainted: G L syzkaller #0 PREEMPT(full) [ 529.749663][T15567] Tainted: [L]=SOFTLOCKUP [ 529.749669][T15567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 529.749678][T15567] Call Trace: [ 529.749683][T15567] [ 529.749689][T15567] dump_stack_lvl+0x100/0x190 [ 529.749717][T15567] should_fail_ex.cold+0x5/0xa [ 529.749734][T15567] should_failslab+0xc2/0x120 [ 529.749750][T15567] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 529.749770][T15567] ? cred_alloc_blank+0x1c/0xa0 [ 529.749792][T15567] ? __x64_sys_futex+0x34f/0x4d0 [ 529.749811][T15567] ? __x64_sys_futex+0x358/0x4d0 [ 529.749832][T15567] cred_alloc_blank+0x1c/0xa0 [ 529.749853][T15567] keyctl_session_to_parent+0x55/0xae0 [ 529.749878][T15567] __do_sys_keyctl+0x2b1/0x5a0 [ 529.749898][T15567] do_syscall_64+0x106/0xf80 [ 529.749914][T15567] ? clear_bhb_loop+0x40/0x90 [ 529.749932][T15567] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 529.749947][T15567] RIP: 0033:0x7fe0af79c629 [ 529.749960][T15567] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 529.749974][T15567] RSP: 002b:00007fe0b059c028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 529.749989][T15567] RAX: ffffffffffffffda RBX: 00007fe0afa15fa0 RCX: 00007fe0af79c629 [ 529.749999][T15567] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000012 [ 529.750009][T15567] RBP: 00007fe0af832b39 R08: 0000000000000001 R09: 0000000000000000 [ 529.750017][T15567] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 529.750026][T15567] R13: 00007fe0afa16038 R14: 00007fe0afa15fa0 R15: 00007ffc5ab3d3a8 [ 529.750045][T15567] [ 530.626998][T15590] bridge0: port 4(batadv0) entered blocking state [ 530.694279][T15590] bridge0: port 4(batadv0) entered disabled state [ 530.702509][T15590] batadv0: entered allmulticast mode [ 530.918709][T15590] batadv0: entered promiscuous mode [ 530.995688][T15590] bridge0: port 4(batadv0) entered blocking state [ 531.002206][T15590] bridge0: port 4(batadv0) entered forwarding state [ 531.045725][ T8985] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 531.055282][ T8985] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 532.426229][T15643] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2830'. [ 532.491535][ T51] Bluetooth: hci4: Malformed Event: 0x02 [ 534.236039][ T51] Bluetooth: hci2: command 0x0406 tx timeout [ 536.007799][T15716] FAULT_INJECTION: forcing a failure. [ 536.007799][T15716] name failslab, interval 1, probability 0, space 0, times 0 [ 536.135928][T15714] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2840'. [ 536.146985][T15716] CPU: 0 UID: 0 PID: 15716 Comm: syz.3.2845 Tainted: G L syzkaller #0 PREEMPT(full) [ 536.147009][T15716] Tainted: [L]=SOFTLOCKUP [ 536.147014][T15716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 536.147022][T15716] Call Trace: [ 536.147028][T15716] [ 536.147033][T15716] dump_stack_lvl+0x100/0x190 [ 536.147060][T15716] should_fail_ex.cold+0x5/0xa [ 536.147078][T15716] should_failslab+0xc2/0x120 [ 536.147093][T15716] __kvmalloc_node_noprof+0xfa/0xa00 [ 536.147115][T15716] ? seq_read_iter+0x819/0x1270 [ 536.147141][T15716] seq_read_iter+0x819/0x1270 [ 536.147164][T15716] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 536.147192][T15716] kernfs_fop_read_iter+0x46c/0x610 [ 536.147212][T15716] copy_splice_read+0x4ba/0xb90 [ 536.147239][T15716] ? __pfx_copy_splice_read+0x10/0x10 [ 536.147269][T15716] ? __fget_files+0x215/0x3d0 [ 536.147293][T15716] ? __pfx_copy_splice_read+0x10/0x10 [ 536.147315][T15716] do_splice_read+0x285/0x370 [ 536.147339][T15716] splice_file_to_pipe+0x82/0x120 [ 536.147365][T15716] do_sendfile+0x366/0xe20 [ 536.147390][T15716] ? __pfx_do_sendfile+0x10/0x10 [ 536.147411][T15716] ? __fget_files+0x21f/0x3d0 [ 536.147438][T15716] __x64_sys_sendfile64+0x1d8/0x220 [ 536.147453][T15716] ? ksys_write+0x1ac/0x250 [ 536.147473][T15716] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 536.147495][T15716] do_syscall_64+0x106/0xf80 [ 536.147511][T15716] ? clear_bhb_loop+0x40/0x90 [ 536.147529][T15716] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 536.147544][T15716] RIP: 0033:0x7f9f4239c629 [ 536.147557][T15716] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 536.147571][T15716] RSP: 002b:00007f9f4332f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 536.147586][T15716] RAX: ffffffffffffffda RBX: 00007f9f42615fa0 RCX: 00007f9f4239c629 [ 536.147596][T15716] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000002 [ 536.147604][T15716] RBP: 00007f9f4332f090 R08: 0000000000000000 R09: 0000000000000000 [ 536.147612][T15716] R10: 400000000000c3e0 R11: 0000000000000246 R12: 0000000000000001 [ 536.147621][T15716] R13: 00007f9f42616038 R14: 00007f9f42615fa0 R15: 00007ffd31101248 [ 536.147640][T15716] [ 537.218122][T15714] veth1_macvtap: left promiscuous mode [ 537.885318][T15739] lo: entered allmulticast mode [ 538.018205][T15739] lo: left allmulticast mode [ 538.416327][T15752] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2855'. [ 538.449403][T15755] FAULT_INJECTION: forcing a failure. [ 538.449403][T15755] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 538.504352][T15755] CPU: 0 UID: 0 PID: 15755 Comm: syz.3.2857 Tainted: G L syzkaller #0 PREEMPT(full) [ 538.504378][T15755] Tainted: [L]=SOFTLOCKUP [ 538.504384][T15755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 538.504392][T15755] Call Trace: [ 538.504398][T15755] [ 538.504404][T15755] dump_stack_lvl+0x100/0x190 [ 538.504430][T15755] should_fail_ex.cold+0x5/0xa [ 538.504448][T15755] _copy_to_user+0x32/0xd0 [ 538.504473][T15755] simple_read_from_buffer+0xcb/0x170 [ 538.504496][T15755] proc_fail_nth_read+0x1af/0x230 [ 538.504514][T15755] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 538.504531][T15755] ? rw_verify_area+0xce/0x6d0 [ 538.504551][T15755] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 538.504567][T15755] vfs_read+0x1e4/0xb30 [ 538.504591][T15755] ? __pfx_vfs_read+0x10/0x10 [ 538.504612][T15755] ? __fget_files+0x215/0x3d0 [ 538.504638][T15755] ? __fget_files+0x21f/0x3d0 [ 538.504665][T15755] ksys_read+0x12a/0x250 [ 538.504685][T15755] ? __pfx_ksys_read+0x10/0x10 [ 538.504717][T15755] do_syscall_64+0x106/0xf80 [ 538.504733][T15755] ? clear_bhb_loop+0x40/0x90 [ 538.504751][T15755] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 538.504766][T15755] RIP: 0033:0x7f9f4235cece [ 538.504779][T15755] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 538.504793][T15755] RSP: 002b:00007f9f4332efe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 538.504808][T15755] RAX: ffffffffffffffda RBX: 00007f9f4332f6c0 RCX: 00007f9f4235cece [ 538.504818][T15755] RDX: 000000000000000f RSI: 00007f9f4332f0a0 RDI: 0000000000000004 [ 538.504827][T15755] RBP: 00007f9f4332f090 R08: 0000000000000000 R09: 0000000000000000 [ 538.504835][T15755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 538.504844][T15755] R13: 00007f9f42616038 R14: 00007f9f42615fa0 R15: 00007ffd31101248 [ 538.504863][T15755] [ 539.046511][ T5145] Bluetooth: hci2: Malformed Event: 0x02 [ 540.359249][T15782] lo: entered allmulticast mode [ 540.626181][T15782] lo: left allmulticast mode [ 541.131040][T15813] Device name cannot be null; rc = [-22] [ 541.689802][T15823] FAULT_INJECTION: forcing a failure. [ 541.689802][T15823] name failslab, interval 1, probability 0, space 0, times 0 [ 541.758613][T15823] CPU: 0 UID: 8 PID: 15823 Comm: syz.3.2872 Tainted: G L syzkaller #0 PREEMPT(full) [ 541.758643][T15823] Tainted: [L]=SOFTLOCKUP [ 541.758649][T15823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 541.758658][T15823] Call Trace: [ 541.758663][T15823] [ 541.758669][T15823] dump_stack_lvl+0x100/0x190 [ 541.758695][T15823] should_fail_ex.cold+0x5/0xa [ 541.758714][T15823] should_failslab+0xc2/0x120 [ 541.758729][T15823] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 541.758749][T15823] ? cred_alloc_blank+0x1c/0xa0 [ 541.758771][T15823] ? __x64_sys_futex+0x34f/0x4d0 [ 541.758789][T15823] ? __x64_sys_futex+0x358/0x4d0 [ 541.758810][T15823] cred_alloc_blank+0x1c/0xa0 [ 541.758831][T15823] keyctl_session_to_parent+0x55/0xae0 [ 541.758855][T15823] __do_sys_keyctl+0x2b1/0x5a0 [ 541.758876][T15823] do_syscall_64+0x106/0xf80 [ 541.758892][T15823] ? clear_bhb_loop+0x40/0x90 [ 541.758910][T15823] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 541.758926][T15823] RIP: 0033:0x7f9f4239c629 [ 541.758938][T15823] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 541.758953][T15823] RSP: 002b:00007f9f4332f028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 541.758968][T15823] RAX: ffffffffffffffda RBX: 00007f9f42615fa0 RCX: 00007f9f4239c629 [ 541.758978][T15823] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000012 [ 541.758987][T15823] RBP: 00007f9f42432b39 R08: 0000000000000001 R09: 0000000000000000 [ 541.758996][T15823] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 541.759005][T15823] R13: 00007f9f42616038 R14: 00007f9f42615fa0 R15: 00007ffd31101248 [ 541.759024][T15823] [ 543.048402][T15836] FAULT_INJECTION: forcing a failure. [ 543.048402][T15836] name failslab, interval 1, probability 0, space 0, times 0 [ 543.082258][T15849] netlink: 'syz.0.2877': attribute type 1 has an invalid length. [ 543.153526][T15836] CPU: 0 UID: 0 PID: 15836 Comm: syz.3.2876 Tainted: G L syzkaller #0 PREEMPT(full) [ 543.153553][T15836] Tainted: [L]=SOFTLOCKUP [ 543.153558][T15836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 543.153569][T15836] Call Trace: [ 543.153574][T15836] [ 543.153580][T15836] dump_stack_lvl+0x100/0x190 [ 543.153609][T15836] should_fail_ex.cold+0x5/0xa [ 543.153627][T15836] should_failslab+0xc2/0x120 [ 543.153642][T15836] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 543.153663][T15836] ? __proc_create+0x2cb/0x8c0 [ 543.153689][T15836] __proc_create+0x2cb/0x8c0 [ 543.153711][T15836] ? __pfx___proc_create+0x10/0x10 [ 543.153739][T15836] proc_create_reg+0x75/0x170 [ 543.153763][T15836] proc_create_net_data+0x8e/0x1c0 [ 543.153786][T15836] ? __pfx_proc_create_net_data+0x10/0x10 [ 543.153807][T15836] ? net_generic+0xea/0x2a0 [ 543.153832][T15836] ? __pfx_phonet_init_net+0x10/0x10 [ 543.153850][T15836] phonet_init_net+0x66/0x120 [ 543.153867][T15836] ops_init+0x1e2/0x5f0 [ 543.153888][T15836] setup_net+0x118/0x3a0 [ 543.153905][T15836] ? __pfx_setup_net+0x10/0x10 [ 543.153920][T15836] ? lockdep_init_map_type+0x5c/0x250 [ 543.153941][T15836] ? mutex_init_lockep+0x110/0x150 [ 543.153963][T15836] copy_net_ns+0x46f/0x7c0 [ 543.153983][T15836] create_new_namespaces+0x3ea/0xac0 [ 543.154004][T15836] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 543.154021][T15836] ksys_unshare+0x455/0xab0 [ 543.154040][T15836] ? __pfx_ksys_unshare+0x10/0x10 [ 543.154065][T15836] __x64_sys_unshare+0x31/0x40 [ 543.154083][T15836] do_syscall_64+0x106/0xf80 [ 543.154098][T15836] ? clear_bhb_loop+0x40/0x90 [ 543.154119][T15836] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 543.154135][T15836] RIP: 0033:0x7f9f4239c629 [ 543.154148][T15836] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 543.154163][T15836] RSP: 002b:00007f9f4332f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 543.154177][T15836] RAX: ffffffffffffffda RBX: 00007f9f42615fa0 RCX: 00007f9f4239c629 [ 543.154187][T15836] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 543.154196][T15836] RBP: 00007f9f42432b39 R08: 0000000000000000 R09: 0000000000000000 [ 543.154205][T15836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 543.154214][T15836] R13: 00007f9f42616038 R14: 00007f9f42615fa0 R15: 00007ffd31101248 [ 543.154234][T15836] [ 544.257236][T15860] FAULT_INJECTION: forcing a failure. [ 544.257236][T15860] name failslab, interval 1, probability 0, space 0, times 0 [ 544.321102][T15860] CPU: 0 UID: 0 PID: 15860 Comm: syz.0.2883 Tainted: G L syzkaller #0 PREEMPT(full) [ 544.321131][T15860] Tainted: [L]=SOFTLOCKUP [ 544.321136][T15860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 544.321146][T15860] Call Trace: [ 544.321152][T15860] [ 544.321157][T15860] dump_stack_lvl+0x100/0x190 [ 544.321190][T15860] should_fail_ex.cold+0x5/0xa [ 544.321210][T15860] should_failslab+0xc2/0x120 [ 544.321225][T15860] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 544.321246][T15860] ? security_file_alloc+0x34/0x2c0 [ 544.321269][T15860] ? trace_kmem_cache_alloc+0xf3/0x120 [ 544.321287][T15860] security_file_alloc+0x34/0x2c0 [ 544.321312][T15860] init_file+0x95/0x480 [ 544.321329][T15860] alloc_empty_file+0x73/0x1c0 [ 544.321346][T15860] dentry_open+0x46/0xd0 [ 544.321363][T15860] ima_calc_file_hash+0x2ad/0x480 [ 544.321385][T15860] ima_collect_measurement+0x887/0xa40 [ 544.321411][T15860] ? __pfx_ima_collect_measurement+0x10/0x10 [ 544.321432][T15860] ? lock_acquire+0x1cf/0x380 [ 544.321459][T15860] ? process_measurement+0x5ab/0x2350 [ 544.321478][T15860] ? is_bad_inode+0xd/0x40 [ 544.321497][T15860] ? xattr_resolve_name+0x27d/0x3f0 [ 544.321522][T15860] ? vfs_getxattr_alloc+0xec/0x350 [ 544.321548][T15860] ? ima_get_hash_algo+0x22d/0x400 [ 544.321565][T15860] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 544.321586][T15860] ? process_measurement+0xdfe/0x2350 [ 544.321603][T15860] process_measurement+0xdfe/0x2350 [ 544.321628][T15860] ? __pfx_process_measurement+0x10/0x10 [ 544.321671][T15860] ? mutex_init_lockep+0x110/0x150 [ 544.321692][T15860] ? seq_open+0x116/0x170 [ 544.321708][T15860] ? inode_to_bdi+0x9e/0x160 [ 544.321733][T15860] ima_file_check+0xcc/0x120 [ 544.321752][T15860] ? __pfx_ima_file_check+0x10/0x10 [ 544.321775][T15860] security_file_post_open+0xc4/0x210 [ 544.321797][T15860] path_openat+0x1418/0x31a0 [ 544.321818][T15860] ? __pfx_path_openat+0x10/0x10 [ 544.321839][T15860] do_file_open+0x20e/0x430 [ 544.321854][T15860] ? __pfx_do_file_open+0x10/0x10 [ 544.321882][T15860] ? alloc_fd+0x476/0x790 [ 544.321906][T15860] ? do_getname+0x191/0x390 [ 544.321925][T15860] do_sys_openat2+0x10d/0x1e0 [ 544.321942][T15860] ? __pfx_do_sys_openat2+0x10/0x10 [ 544.321967][T15860] __x64_sys_openat+0x12d/0x210 [ 544.321986][T15860] ? __pfx___x64_sys_openat+0x10/0x10 [ 544.322011][T15860] do_syscall_64+0x106/0xf80 [ 544.322027][T15860] ? clear_bhb_loop+0x40/0x90 [ 544.322046][T15860] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 544.322062][T15860] RIP: 0033:0x7f01b799c629 [ 544.322076][T15860] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 544.322090][T15860] RSP: 002b:00007f01b88e8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 544.322106][T15860] RAX: ffffffffffffffda RBX: 00007f01b7c15fa0 RCX: 00007f01b799c629 [ 544.322116][T15860] RDX: 0000000000020803 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 544.322126][T15860] RBP: 00007f01b7a32b39 R08: 0000000000000000 R09: 0000000000000000 [ 544.322135][T15860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 544.322144][T15860] R13: 00007f01b7c16038 R14: 00007f01b7c15fa0 R15: 00007ffd4c9afbe8 [ 544.322164][T15860] [ 544.982769][ T29] audit: type=1800 audit(5315314839.679:27): pid=15860 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2883" name="set_event_notrace_pid" dev="tracefs" ino=1078 res=0 errno=0 [ 545.022482][ T51] Bluetooth: hci0: command 0x0406 tx timeout [ 545.050713][T15864] FAULT_INJECTION: forcing a failure. [ 545.050713][T15864] name failslab, interval 1, probability 0, space 0, times 0 [ 545.074333][T15864] CPU: 0 UID: 8 PID: 15864 Comm: syz.0.2884 Tainted: G L syzkaller #0 PREEMPT(full) [ 545.074359][T15864] Tainted: [L]=SOFTLOCKUP [ 545.074364][T15864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 545.074374][T15864] Call Trace: [ 545.074379][T15864] [ 545.074385][T15864] dump_stack_lvl+0x100/0x190 [ 545.074412][T15864] should_fail_ex.cold+0x5/0xa [ 545.074430][T15864] ? lsm_blob_alloc+0x68/0x90 [ 545.074446][T15864] should_failslab+0xc2/0x120 [ 545.074461][T15864] __kmalloc_noprof+0xe0/0x850 [ 545.074481][T15864] ? trace_kmem_cache_alloc+0xf3/0x120 [ 545.074499][T15864] lsm_blob_alloc+0x68/0x90 [ 545.074516][T15864] security_cred_alloc_blank+0x28/0x260 [ 545.074533][T15864] cred_alloc_blank+0x61/0xa0 [ 545.074554][T15864] keyctl_session_to_parent+0x55/0xae0 [ 545.074578][T15864] __do_sys_keyctl+0x2b1/0x5a0 [ 545.074598][T15864] do_syscall_64+0x106/0xf80 [ 545.074613][T15864] ? clear_bhb_loop+0x40/0x90 [ 545.074631][T15864] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 545.074646][T15864] RIP: 0033:0x7f01b799c629 [ 545.074659][T15864] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 545.074673][T15864] RSP: 002b:00007f01b88e8028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 545.074688][T15864] RAX: ffffffffffffffda RBX: 00007f01b7c15fa0 RCX: 00007f01b799c629 [ 545.074697][T15864] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000012 [ 545.074707][T15864] RBP: 00007f01b7a32b39 R08: 0000000000000001 R09: 0000000000000000 [ 545.074715][T15864] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 545.074724][T15864] R13: 00007f01b7c16038 R14: 00007f01b7c15fa0 R15: 00007ffd4c9afbe8 [ 545.074743][T15864] [ 545.649424][T15872] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2885'. [ 545.674899][T15873] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2886'. [ 545.909095][T15879] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2887'. [ 546.631735][ T5145] Bluetooth: hci2: unexpected event 0x3c length: 254 > 7 [ 546.636356][T15898] netlink: 'syz.0.2892': attribute type 11 has an invalid length. [ 546.895897][T15903] FAULT_INJECTION: forcing a failure. [ 546.895897][T15903] name failslab, interval 1, probability 0, space 0, times 0 [ 546.938799][T15903] CPU: 0 UID: 8 PID: 15903 Comm: syz.1.2894 Tainted: G L syzkaller #0 PREEMPT(full) [ 546.938826][T15903] Tainted: [L]=SOFTLOCKUP [ 546.938832][T15903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 546.938842][T15903] Call Trace: [ 546.938847][T15903] [ 546.938854][T15903] dump_stack_lvl+0x100/0x190 [ 546.938881][T15903] should_fail_ex.cold+0x5/0xa [ 546.938902][T15903] ? lsm_blob_alloc+0x68/0x90 [ 546.938919][T15903] should_failslab+0xc2/0x120 [ 546.938934][T15903] __kmalloc_noprof+0xe0/0x850 [ 546.938953][T15903] ? trace_kmem_cache_alloc+0xf3/0x120 [ 546.938978][T15903] lsm_blob_alloc+0x68/0x90 [ 546.938995][T15903] security_cred_alloc_blank+0x28/0x260 [ 546.939012][T15903] cred_alloc_blank+0x61/0xa0 [ 546.939034][T15903] keyctl_session_to_parent+0x55/0xae0 [ 546.939058][T15903] __do_sys_keyctl+0x2b1/0x5a0 [ 546.939079][T15903] do_syscall_64+0x106/0xf80 [ 546.939094][T15903] ? clear_bhb_loop+0x40/0x90 [ 546.939112][T15903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 546.939127][T15903] RIP: 0033:0x7fe0af79c629 [ 546.939141][T15903] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 546.939155][T15903] RSP: 002b:00007fe0b059c028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 546.939170][T15903] RAX: ffffffffffffffda RBX: 00007fe0afa15fa0 RCX: 00007fe0af79c629 [ 546.939180][T15903] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000012 [ 546.939189][T15903] RBP: 00007fe0af832b39 R08: 0000000000000001 R09: 0000000000000000 [ 546.939198][T15903] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 546.939207][T15903] R13: 00007fe0afa16038 R14: 00007fe0afa15fa0 R15: 00007ffc5ab3d3a8 [ 546.939226][T15903] [ 548.503915][T15934] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2902'. [ 548.944481][T15944] FAULT_INJECTION: forcing a failure. [ 548.944481][T15944] name fail_futex, interval 1, probability 0, space 0, times 0 [ 549.018018][T15944] CPU: 0 UID: 8 PID: 15944 Comm: syz.3.2904 Tainted: G L syzkaller #0 PREEMPT(full) [ 549.018045][T15944] Tainted: [L]=SOFTLOCKUP [ 549.018051][T15944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 549.018060][T15944] Call Trace: [ 549.018066][T15944] [ 549.018073][T15944] dump_stack_lvl+0x100/0x190 [ 549.018100][T15944] should_fail_ex.cold+0x5/0xa [ 549.018119][T15944] get_futex_key+0x1d2/0x1620 [ 549.018140][T15944] ? __pfx_get_futex_key+0x10/0x10 [ 549.018158][T15944] ? kasan_save_stack+0x3f/0x50 [ 549.018179][T15944] ? kasan_save_stack+0x30/0x50 [ 549.018199][T15944] ? kasan_record_aux_stack+0xa7/0xc0 [ 549.018218][T15944] ? __call_rcu_common.constprop.0+0xa5/0x9b0 [ 549.018237][T15944] ? __put_cred+0x10c/0x180 [ 549.018257][T15944] ? keyctl_session_to_parent+0x95a/0xae0 [ 549.018277][T15944] ? __do_sys_keyctl+0x2b1/0x5a0 [ 549.018296][T15944] ? do_syscall_64+0x106/0xf80 [ 549.018313][T15944] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 549.018332][T15944] futex_wake+0xea/0x530 [ 549.018355][T15944] ? __pfx_futex_wake+0x10/0x10 [ 549.018384][T15944] do_futex+0x32b/0x350 [ 549.018403][T15944] ? __pfx_do_futex+0x10/0x10 [ 549.018427][T15944] __x64_sys_futex+0x34f/0x4d0 [ 549.018448][T15944] ? __pfx___x64_sys_futex+0x10/0x10 [ 549.018466][T15944] ? __put_cred+0x111/0x180 [ 549.018486][T15944] ? keyctl_session_to_parent+0x39a/0xae0 [ 549.018512][T15944] do_syscall_64+0x106/0xf80 [ 549.018527][T15944] ? clear_bhb_loop+0x40/0x90 [ 549.018545][T15944] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 549.018560][T15944] RIP: 0033:0x7f9f4239c629 [ 549.018574][T15944] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 549.018588][T15944] RSP: 002b:00007f9f4332f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 549.018603][T15944] RAX: ffffffffffffffda RBX: 00007f9f42615fa8 RCX: 00007f9f4239c629 [ 549.018613][T15944] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9f42615fac [ 549.018623][T15944] RBP: 00007f9f42615fa0 R08: 0000000000000000 R09: 0000000000000000 [ 549.018632][T15944] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 549.018641][T15944] R13: 00007f9f42616038 R14: 00007ffd31101160 R15: 00007ffd31101248 [ 549.018661][T15944] [ 549.728708][T15949] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 554.106187][T16012] FAULT_INJECTION: forcing a failure. [ 554.106187][T16012] name fail_futex, interval 1, probability 0, space 0, times 0 [ 554.194714][T16012] CPU: 0 UID: 8 PID: 16012 Comm: syz.1.2923 Tainted: G L syzkaller #0 PREEMPT(full) [ 554.194740][T16012] Tainted: [L]=SOFTLOCKUP [ 554.194746][T16012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 554.194756][T16012] Call Trace: [ 554.194761][T16012] [ 554.194768][T16012] dump_stack_lvl+0x100/0x190 [ 554.194795][T16012] should_fail_ex.cold+0x5/0xa [ 554.194814][T16012] get_futex_key+0x1d2/0x1620 [ 554.194835][T16012] ? __pfx_get_futex_key+0x10/0x10 [ 554.194852][T16012] ? kasan_save_stack+0x3f/0x50 [ 554.194873][T16012] ? kasan_save_stack+0x30/0x50 [ 554.194894][T16012] ? kasan_record_aux_stack+0xa7/0xc0 [ 554.194912][T16012] ? __call_rcu_common.constprop.0+0xa5/0x9b0 [ 554.194931][T16012] ? __put_cred+0x10c/0x180 [ 554.194950][T16012] ? keyctl_session_to_parent+0x95a/0xae0 [ 554.194971][T16012] ? __do_sys_keyctl+0x2b1/0x5a0 [ 554.194989][T16012] ? do_syscall_64+0x106/0xf80 [ 554.195006][T16012] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 554.195024][T16012] futex_wake+0xea/0x530 [ 554.195047][T16012] ? __pfx_futex_wake+0x10/0x10 [ 554.195078][T16012] do_futex+0x32b/0x350 [ 554.195097][T16012] ? __pfx_do_futex+0x10/0x10 [ 554.195120][T16012] __x64_sys_futex+0x34f/0x4d0 [ 554.195141][T16012] ? __pfx___x64_sys_futex+0x10/0x10 [ 554.195160][T16012] ? __put_cred+0x111/0x180 [ 554.195180][T16012] ? keyctl_session_to_parent+0x39a/0xae0 [ 554.195206][T16012] do_syscall_64+0x106/0xf80 [ 554.195221][T16012] ? clear_bhb_loop+0x40/0x90 [ 554.195239][T16012] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 554.195255][T16012] RIP: 0033:0x7fe0af79c629 [ 554.195268][T16012] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 554.195284][T16012] RSP: 002b:00007fe0b059c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 554.195299][T16012] RAX: ffffffffffffffda RBX: 00007fe0afa15fa8 RCX: 00007fe0af79c629 [ 554.195309][T16012] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe0afa15fac [ 554.195319][T16012] RBP: 00007fe0afa15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 554.195328][T16012] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 554.195338][T16012] R13: 00007fe0afa16038 R14: 00007ffc5ab3d2c0 R15: 00007ffc5ab3d3a8 [ 554.195366][T16012] [ 555.605766][T16016] FAULT_INJECTION: forcing a failure. [ 555.605766][T16016] name fail_futex, interval 1, probability 0, space 0, times 0 [ 555.821262][T16016] CPU: 0 UID: 0 PID: 16016 Comm: syz.0.2924 Tainted: G L syzkaller #0 PREEMPT(full) [ 555.821288][T16016] Tainted: [L]=SOFTLOCKUP [ 555.821294][T16016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 555.821303][T16016] Call Trace: [ 555.821308][T16016] [ 555.821315][T16016] dump_stack_lvl+0x100/0x190 [ 555.821342][T16016] should_fail_ex.cold+0x5/0xa [ 555.821360][T16016] get_futex_key+0x106f/0x1620 [ 555.821381][T16016] ? __pfx_get_futex_key+0x10/0x10 [ 555.821397][T16016] ? lock_acquire+0x1cf/0x380 [ 555.821422][T16016] futex_wake+0xea/0x530 [ 555.821445][T16016] ? __pfx_futex_wake+0x10/0x10 [ 555.821467][T16016] ? exit_mm_release+0x19/0x30 [ 555.821490][T16016] do_futex+0x32b/0x350 [ 555.821509][T16016] ? __pfx_do_futex+0x10/0x10 [ 555.821526][T16016] ? __might_fault+0xc5/0x140 [ 555.821551][T16016] mm_release+0x24a/0x2f0 [ 555.821566][T16016] do_exit+0x675/0x2aa0 [ 555.821588][T16016] ? __pfx_do_exit+0x10/0x10 [ 555.821606][T16016] ? do_raw_spin_lock+0x128/0x260 [ 555.821627][T16016] ? find_held_lock+0x2b/0x80 [ 555.821640][T16016] ? get_signal+0x7e0/0x21e0 [ 555.821658][T16016] do_group_exit+0xd5/0x2a0 [ 555.821678][T16016] get_signal+0x1ec7/0x21e0 [ 555.821697][T16016] ? __pfx_do_recvmmsg+0x10/0x10 [ 555.821721][T16016] ? __pfx_get_signal+0x10/0x10 [ 555.821737][T16016] ? do_futex+0x192/0x350 [ 555.821758][T16016] arch_do_signal_or_restart+0x91/0x770 [ 555.821777][T16016] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 555.821800][T16016] ? __pfx___x64_sys_futex+0x10/0x10 [ 555.821824][T16016] exit_to_user_mode_loop+0x86/0x4a0 [ 555.821845][T16016] do_syscall_64+0x668/0xf80 [ 555.821862][T16016] ? clear_bhb_loop+0x40/0x90 [ 555.821880][T16016] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 555.821896][T16016] RIP: 0033:0x7f01b799c629 [ 555.821909][T16016] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 555.821924][T16016] RSP: 002b:00007f01b88a60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 555.821938][T16016] RAX: fffffffffffffe00 RBX: 00007f01b7c16188 RCX: 00007f01b799c629 [ 555.821949][T16016] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f01b7c16188 [ 555.821958][T16016] RBP: 00007f01b7c16180 R08: 0000000000000000 R09: 0000000000000000 [ 555.821967][T16016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 555.821975][T16016] R13: 00007f01b7c16218 R14: 00007ffd4c9afb00 R15: 00007ffd4c9afbe8 [ 555.821995][T16016] [ 558.936483][T16096] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(12) [ 559.310251][T16111] binder: BINDER_SET_CONTEXT_MGR already set [ 559.555086][T16111] binder: 16094:16111 ioctl 4018620d 9 returned -16 [ 561.090590][T16140] FAULT_INJECTION: forcing a failure. [ 561.090590][T16140] name failslab, interval 1, probability 0, space 0, times 0 [ 561.159685][T16140] CPU: 0 UID: 8 PID: 16140 Comm: syz.1.2951 Tainted: G L syzkaller #0 PREEMPT(full) [ 561.159712][T16140] Tainted: [L]=SOFTLOCKUP [ 561.159719][T16140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 561.159728][T16140] Call Trace: [ 561.159734][T16140] [ 561.159747][T16140] dump_stack_lvl+0x100/0x190 [ 561.159776][T16140] should_fail_ex.cold+0x5/0xa [ 561.159795][T16140] should_failslab+0xc2/0x120 [ 561.159810][T16140] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 561.159831][T16140] ? cred_alloc_blank+0x1c/0xa0 [ 561.159853][T16140] ? __x64_sys_futex+0x34f/0x4d0 [ 561.159872][T16140] ? __x64_sys_futex+0x358/0x4d0 [ 561.159893][T16140] cred_alloc_blank+0x1c/0xa0 [ 561.159915][T16140] keyctl_session_to_parent+0x55/0xae0 [ 561.159939][T16140] __do_sys_keyctl+0x2b1/0x5a0 [ 561.159960][T16140] do_syscall_64+0x106/0xf80 [ 561.159976][T16140] ? clear_bhb_loop+0x40/0x90 [ 561.159995][T16140] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 561.160011][T16140] RIP: 0033:0x7fe0af79c629 [ 561.160024][T16140] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 561.160040][T16140] RSP: 002b:00007fe0b059c028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 561.160055][T16140] RAX: ffffffffffffffda RBX: 00007fe0afa15fa0 RCX: 00007fe0af79c629 [ 561.160065][T16140] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000012 [ 561.160075][T16140] RBP: 00007fe0af832b39 R08: 0000000000000001 R09: 0000000000000000 [ 561.160084][T16140] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 561.160093][T16140] R13: 00007fe0afa16038 R14: 00007fe0afa15fa0 R15: 00007ffc5ab3d3a8 [ 561.160113][T16140] [ 561.726242][T16157] sd 0:0:1:0: PR command failed: 1026 [ 561.731671][T16157] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 561.803405][T16157] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 562.241625][T16168] FAULT_INJECTION: forcing a failure. [ 562.241625][T16168] name failslab, interval 1, probability 0, space 0, times 0 [ 562.334517][T16168] CPU: 0 UID: 0 PID: 16168 Comm: syz.3.2959 Tainted: G L syzkaller #0 PREEMPT(full) [ 562.334544][T16168] Tainted: [L]=SOFTLOCKUP [ 562.334550][T16168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 562.334560][T16168] Call Trace: [ 562.334566][T16168] [ 562.334572][T16168] dump_stack_lvl+0x100/0x190 [ 562.334600][T16168] should_fail_ex.cold+0x5/0xa [ 562.334619][T16168] ? process_preds+0x4c2/0x1d90 [ 562.334649][T16168] should_failslab+0xc2/0x120 [ 562.334664][T16168] __kmalloc_noprof+0xe0/0x850 [ 562.334690][T16168] process_preds+0x4c2/0x1d90 [ 562.334716][T16168] ? create_filter_start.constprop.0+0x134/0x310 [ 562.334741][T16168] create_filter+0x140/0x210 [ 562.334763][T16168] ? __pfx_create_filter+0x10/0x10 [ 562.334787][T16168] ? find_held_lock+0x2b/0x80 [ 562.334804][T16168] apply_event_filter+0x220/0x500 [ 562.334826][T16168] ? __pfx_apply_event_filter+0x10/0x10 [ 562.334855][T16168] event_filter_write+0x16d/0x290 [ 562.334873][T16168] vfs_write+0x2aa/0x1070 [ 562.334896][T16168] ? __pfx_event_filter_write+0x10/0x10 [ 562.334915][T16168] ? __pfx_vfs_write+0x10/0x10 [ 562.334936][T16168] ? __fget_files+0x215/0x3d0 [ 562.334962][T16168] ? __fget_files+0x21f/0x3d0 [ 562.334989][T16168] ksys_write+0x12a/0x250 [ 562.335010][T16168] ? __pfx_ksys_write+0x10/0x10 [ 562.335038][T16168] do_syscall_64+0x106/0xf80 [ 562.335054][T16168] ? clear_bhb_loop+0x40/0x90 [ 562.335072][T16168] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 562.335088][T16168] RIP: 0033:0x7f9f4239c629 [ 562.335102][T16168] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 562.335117][T16168] RSP: 002b:00007f9f4332f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 562.335132][T16168] RAX: ffffffffffffffda RBX: 00007f9f42615fa0 RCX: 00007f9f4239c629 [ 562.335142][T16168] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 562.335151][T16168] RBP: 00007f9f42432b39 R08: 0000000000000000 R09: 0000000000000000 [ 562.335160][T16168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 562.335169][T16168] R13: 00007f9f42616038 R14: 00007f9f42615fa0 R15: 00007ffd31101248 [ 562.335189][T16168] [ 562.904557][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.910856][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 562.947660][T16178] FAULT_INJECTION: forcing a failure. [ 562.947660][T16178] name fail_futex, interval 1, probability 0, space 0, times 0 [ 563.005252][T16178] CPU: 0 UID: 8 PID: 16178 Comm: syz.3.2962 Tainted: G L syzkaller #0 PREEMPT(full) [ 563.005280][T16178] Tainted: [L]=SOFTLOCKUP [ 563.005286][T16178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 563.005295][T16178] Call Trace: [ 563.005302][T16178] [ 563.005308][T16178] dump_stack_lvl+0x100/0x190 [ 563.005337][T16178] should_fail_ex.cold+0x5/0xa [ 563.005356][T16178] get_futex_key+0x1d2/0x1620 [ 563.005376][T16178] ? __pfx_get_futex_key+0x10/0x10 [ 563.005393][T16178] ? kasan_save_stack+0x3f/0x50 [ 563.005414][T16178] ? kasan_save_stack+0x30/0x50 [ 563.005434][T16178] ? kasan_record_aux_stack+0xa7/0xc0 [ 563.005451][T16178] ? __call_rcu_common.constprop.0+0xa5/0x9b0 [ 563.005470][T16178] ? __put_cred+0x10c/0x180 [ 563.005489][T16178] ? keyctl_session_to_parent+0x95a/0xae0 [ 563.005510][T16178] ? __do_sys_keyctl+0x2b1/0x5a0 [ 563.005528][T16178] ? do_syscall_64+0x106/0xf80 [ 563.005545][T16178] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 563.005566][T16178] futex_wake+0xea/0x530 [ 563.005591][T16178] ? __pfx_futex_wake+0x10/0x10 [ 563.005621][T16178] do_futex+0x32b/0x350 [ 563.005639][T16178] ? __pfx_do_futex+0x10/0x10 [ 563.005663][T16178] __x64_sys_futex+0x34f/0x4d0 [ 563.005684][T16178] ? __pfx___x64_sys_futex+0x10/0x10 [ 563.005703][T16178] ? __put_cred+0x111/0x180 [ 563.005722][T16178] ? keyctl_session_to_parent+0x39a/0xae0 [ 563.005749][T16178] do_syscall_64+0x106/0xf80 [ 563.005764][T16178] ? clear_bhb_loop+0x40/0x90 [ 563.005782][T16178] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 563.005798][T16178] RIP: 0033:0x7f9f4239c629 [ 563.005812][T16178] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 563.005826][T16178] RSP: 002b:00007f9f4332f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 563.005849][T16178] RAX: ffffffffffffffda RBX: 00007f9f42615fa8 RCX: 00007f9f4239c629 [ 563.005859][T16178] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9f42615fac [ 563.005869][T16178] RBP: 00007f9f42615fa0 R08: 0000000000000000 R09: 0000000000000000 [ 563.005878][T16178] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 563.005888][T16178] R13: 00007f9f42616038 R14: 00007ffd31101160 R15: 00007ffd31101248 [ 563.005908][T16178] [ 563.847855][T16191] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2966'. [ 564.029936][T16197] syz.1.2967(16197): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 564.150189][T16201] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2969'. [ 564.182736][T16201] nbd: must specify a device to reconfigure [ 564.939170][T16217] serio: Serial port pty6 [ 566.849364][T16250] FAULT_INJECTION: forcing a failure. [ 566.849364][T16250] name failslab, interval 1, probability 0, space 0, times 0 [ 566.897571][T16250] CPU: 0 UID: 8 PID: 16250 Comm: syz.0.2984 Tainted: G L syzkaller #0 PREEMPT(full) [ 566.897598][T16250] Tainted: [L]=SOFTLOCKUP [ 566.897604][T16250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 566.897613][T16250] Call Trace: [ 566.897619][T16250] [ 566.897626][T16250] dump_stack_lvl+0x100/0x190 [ 566.897654][T16250] should_fail_ex.cold+0x5/0xa [ 566.897672][T16250] should_failslab+0xc2/0x120 [ 566.897688][T16250] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 566.897709][T16250] ? cred_alloc_blank+0x1c/0xa0 [ 566.897731][T16250] ? __x64_sys_futex+0x34f/0x4d0 [ 566.897749][T16250] ? __x64_sys_futex+0x358/0x4d0 [ 566.897770][T16250] cred_alloc_blank+0x1c/0xa0 [ 566.897792][T16250] keyctl_session_to_parent+0x55/0xae0 [ 566.897817][T16250] __do_sys_keyctl+0x2b1/0x5a0 [ 566.897837][T16250] do_syscall_64+0x106/0xf80 [ 566.897853][T16250] ? clear_bhb_loop+0x40/0x90 [ 566.897872][T16250] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 566.897887][T16250] RIP: 0033:0x7f01b799c629 [ 566.897901][T16250] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 566.897916][T16250] RSP: 002b:00007f01b88e8028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 566.897931][T16250] RAX: ffffffffffffffda RBX: 00007f01b7c15fa0 RCX: 00007f01b799c629 [ 566.897941][T16250] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000012 [ 566.897951][T16250] RBP: 00007f01b7a32b39 R08: 0000000000000001 R09: 0000000000000000 [ 566.897961][T16250] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 566.897971][T16250] R13: 00007f01b7c16038 R14: 00007f01b7c15fa0 R15: 00007ffd4c9afbe8 [ 566.897991][T16250] [ 568.375712][T16282] FAULT_INJECTION: forcing a failure. [ 568.375712][T16282] name failslab, interval 1, probability 0, space 0, times 0 [ 568.448189][T16282] CPU: 0 UID: 8 PID: 16282 Comm: syz.4.2995 Tainted: G L syzkaller #0 PREEMPT(full) [ 568.448217][T16282] Tainted: [L]=SOFTLOCKUP [ 568.448223][T16282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 568.448233][T16282] Call Trace: [ 568.448239][T16282] [ 568.448246][T16282] dump_stack_lvl+0x100/0x190 [ 568.448274][T16282] should_fail_ex.cold+0x5/0xa [ 568.448292][T16282] ? lsm_blob_alloc+0x68/0x90 [ 568.448309][T16282] should_failslab+0xc2/0x120 [ 568.448324][T16282] __kmalloc_noprof+0xe0/0x850 [ 568.448345][T16282] ? trace_kmem_cache_alloc+0xf3/0x120 [ 568.448363][T16282] lsm_blob_alloc+0x68/0x90 [ 568.448381][T16282] security_cred_alloc_blank+0x28/0x260 [ 568.448398][T16282] cred_alloc_blank+0x61/0xa0 [ 568.448419][T16282] keyctl_session_to_parent+0x55/0xae0 [ 568.448444][T16282] __do_sys_keyctl+0x2b1/0x5a0 [ 568.448465][T16282] do_syscall_64+0x106/0xf80 [ 568.448481][T16282] ? clear_bhb_loop+0x40/0x90 [ 568.448500][T16282] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 568.448516][T16282] RIP: 0033:0x7f367519c629 [ 568.448530][T16282] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 568.448544][T16282] RSP: 002b:00007f36733f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 568.448559][T16282] RAX: ffffffffffffffda RBX: 00007f3675415fa0 RCX: 00007f367519c629 [ 568.448569][T16282] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000012 [ 568.448579][T16282] RBP: 00007f3675232b39 R08: 0000000000000001 R09: 0000000000000000 [ 568.448588][T16282] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 568.448598][T16282] R13: 00007f3675416038 R14: 00007f3675415fa0 R15: 00007fff4c006db8 [ 568.448617][T16282] [ 569.539469][T16304] netlink: 'syz.4.2999': attribute type 1 has an invalid length. [ 569.635280][T16303] bridge0: port 3(bond0) entered blocking state [ 569.690354][T16303] bridge0: port 3(bond0) entered disabled state [ 569.690506][T16303] bond0: entered allmulticast mode [ 569.690520][T16303] bond_slave_0: entered allmulticast mode [ 569.690532][T16303] bond_slave_1: entered allmulticast mode [ 569.691619][T16303] bond0: entered promiscuous mode [ 569.691633][T16303] bond_slave_0: entered promiscuous mode [ 569.691794][T16303] bond_slave_1: entered promiscuous mode [ 569.692282][T16303] bridge0: port 3(bond0) entered blocking state [ 569.692354][T16303] bridge0: port 3(bond0) entered forwarding state [ 570.005102][T16313] FAULT_INJECTION: forcing a failure. [ 570.005102][T16313] name failslab, interval 1, probability 0, space 0, times 0 [ 570.005131][T16313] CPU: 0 UID: 0 PID: 16313 Comm: syz.3.3002 Tainted: G L syzkaller #0 PREEMPT(full) [ 570.005153][T16313] Tainted: [L]=SOFTLOCKUP [ 570.005158][T16313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 570.005167][T16313] Call Trace: [ 570.005173][T16313] [ 570.005178][T16313] dump_stack_lvl+0x100/0x190 [ 570.005205][T16313] should_fail_ex.cold+0x5/0xa [ 570.005224][T16313] should_failslab+0xc2/0x120 [ 570.005239][T16313] __kvmalloc_node_noprof+0xfa/0xa00 [ 570.005261][T16313] ? seq_read_iter+0x819/0x1270 [ 570.005287][T16313] seq_read_iter+0x819/0x1270 [ 570.005317][T16313] kernfs_fop_read_iter+0x46c/0x610 [ 570.005333][T16313] ? rw_verify_area+0xce/0x6d0 [ 570.005353][T16313] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 570.005370][T16313] vfs_read+0x825/0xb30 [ 570.005394][T16313] ? __pfx_vfs_read+0x10/0x10 [ 570.005428][T16313] ksys_read+0x12a/0x250 [ 570.005449][T16313] ? __pfx_ksys_read+0x10/0x10 [ 570.005476][T16313] do_syscall_64+0x106/0xf80 [ 570.005492][T16313] ? clear_bhb_loop+0x40/0x90 [ 570.005511][T16313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 570.005526][T16313] RIP: 0033:0x7f9f4239c629 [ 570.005539][T16313] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 570.005558][T16313] RSP: 002b:00007f9f4332f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 570.005573][T16313] RAX: ffffffffffffffda RBX: 00007f9f42615fa0 RCX: 00007f9f4239c629 [ 570.005583][T16313] RDX: 000000000000009a RSI: 00002000000001c0 RDI: 0000000000000003 [ 570.005592][T16313] RBP: 00007f9f4332f090 R08: 0000000000000000 R09: 0000000000000000 [ 570.005601][T16313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 570.005610][T16313] R13: 00007f9f42616038 R14: 00007f9f42615fa0 R15: 00007ffd31101248 [ 570.005630][T16313] [ 570.742870][T16323] FAULT_INJECTION: forcing a failure. [ 570.742870][T16323] name failslab, interval 1, probability 0, space 0, times 0 [ 570.742900][T16323] CPU: 0 UID: 8 PID: 16323 Comm: syz.0.3007 Tainted: G L syzkaller #0 PREEMPT(full) [ 570.742922][T16323] Tainted: [L]=SOFTLOCKUP [ 570.742928][T16323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 570.742938][T16323] Call Trace: [ 570.742943][T16323] [ 570.742955][T16323] dump_stack_lvl+0x100/0x190 [ 570.742981][T16323] should_fail_ex.cold+0x5/0xa [ 570.743000][T16323] should_failslab+0xc2/0x120 [ 570.743015][T16323] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 570.743036][T16323] ? cred_alloc_blank+0x1c/0xa0 [ 570.743058][T16323] ? __x64_sys_futex+0x34f/0x4d0 [ 570.743078][T16323] ? __x64_sys_futex+0x358/0x4d0 [ 570.743099][T16323] cred_alloc_blank+0x1c/0xa0 [ 570.743121][T16323] keyctl_session_to_parent+0x55/0xae0 [ 570.743145][T16323] __do_sys_keyctl+0x2b1/0x5a0 [ 570.743166][T16323] do_syscall_64+0x106/0xf80 [ 570.743182][T16323] ? clear_bhb_loop+0x40/0x90 [ 570.743201][T16323] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 570.743216][T16323] RIP: 0033:0x7f01b799c629 [ 570.743229][T16323] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 570.743245][T16323] RSP: 002b:00007f01b88e8028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 570.743259][T16323] RAX: ffffffffffffffda RBX: 00007f01b7c15fa0 RCX: 00007f01b799c629 [ 570.743269][T16323] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000012 [ 570.743279][T16323] RBP: 00007f01b7a32b39 R08: 0000000000000001 R09: 0000000000000000 [ 570.743291][T16323] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 570.743300][T16323] R13: 00007f01b7c16038 R14: 00007f01b7c15fa0 R15: 00007ffd4c9afbe8 [ 570.743319][T16323] [ 571.623478][T16331] FAULT_INJECTION: forcing a failure. [ 571.623478][T16331] name failslab, interval 1, probability 0, space 0, times 0 [ 571.623508][T16331] CPU: 0 UID: 0 PID: 16331 Comm: syz.1.3009 Tainted: G L syzkaller #0 PREEMPT(full) [ 571.623530][T16331] Tainted: [L]=SOFTLOCKUP [ 571.623535][T16331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 571.623545][T16331] Call Trace: [ 571.623550][T16331] [ 571.623556][T16331] dump_stack_lvl+0x100/0x190 [ 571.623582][T16331] should_fail_ex.cold+0x5/0xa [ 571.623601][T16331] ? rfkill_alloc+0xac/0x300 [ 571.623619][T16331] should_failslab+0xc2/0x120 [ 571.623635][T16331] __kmalloc_noprof+0xe0/0x850 [ 571.623660][T16331] rfkill_alloc+0xac/0x300 [ 571.623682][T16331] wiphy_new_nm+0x136a/0x21a0 [ 571.623701][T16331] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 571.623721][T16331] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 571.623740][T16331] ? __pfx_mac80211_hwsim_link_info_changed+0x10/0x10 [ 571.623758][T16331] ieee80211_alloc_hw_nm+0x1ac7/0x22a0 [ 571.623776][T16331] ? __local_bh_enable_ip+0x9e/0x120 [ 571.623795][T16331] mac80211_hwsim_new_radio+0x1e1/0x57d0 [ 571.623823][T16331] ? __asan_memset+0x23/0x50 [ 571.623850][T16331] ? __nla_validate_parse+0x1e7/0x28b0 [ 571.623870][T16331] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 571.623897][T16331] hwsim_new_radio_nl+0xc1f/0x1340 [ 571.623919][T16331] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 571.623945][T16331] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 571.623967][T16331] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 571.623993][T16331] genl_family_rcv_msg_doit+0x214/0x300 [ 571.624015][T16331] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 571.624035][T16331] ? genl_get_cmd+0x3ef/0x720 [ 571.624058][T16331] ? bpf_lsm_capable+0x9/0x10 [ 571.624073][T16331] ? security_capable+0x80/0x260 [ 571.624092][T16331] ? ns_capable+0xd2/0xf0 [ 571.624111][T16331] genl_rcv_msg+0x560/0x800 [ 571.624134][T16331] ? __pfx_genl_rcv_msg+0x10/0x10 [ 571.624154][T16331] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 571.624180][T16331] netlink_rcv_skb+0x159/0x420 [ 571.624199][T16331] ? __pfx_genl_rcv_msg+0x10/0x10 [ 571.624220][T16331] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 571.624245][T16331] ? netlink_deliver_tap+0x1ae/0xcc0 [ 571.624266][T16331] genl_rcv+0x28/0x40 [ 571.624284][T16331] netlink_unicast+0x5aa/0x870 [ 571.624304][T16331] ? __pfx_netlink_unicast+0x10/0x10 [ 571.624330][T16331] netlink_sendmsg+0x8b0/0xda0 [ 571.624351][T16331] ? __pfx_netlink_sendmsg+0x10/0x10 [ 571.624367][T16331] ? __import_iovec+0x1d2/0x640 [ 571.624392][T16331] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 571.624415][T16331] ____sys_sendmsg+0xa54/0xc30 [ 571.624437][T16331] ? __pfx_____sys_sendmsg+0x10/0x10 [ 571.624462][T16331] ? __pfx_futex_wake_mark+0x10/0x10 [ 571.624487][T16331] ___sys_sendmsg+0x190/0x1e0 [ 571.624510][T16331] ? __pfx____sys_sendmsg+0x10/0x10 [ 571.624554][T16331] __sys_sendmsg+0x170/0x220 [ 571.624571][T16331] ? __pfx___sys_sendmsg+0x10/0x10 [ 571.624587][T16331] ? __x64_sys_futex+0x34f/0x4d0 [ 571.624618][T16331] do_syscall_64+0x106/0xf80 [ 571.624634][T16331] ? clear_bhb_loop+0x40/0x90 [ 571.624653][T16331] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 571.624669][T16331] RIP: 0033:0x7fe0af79c629 [ 571.624683][T16331] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 571.624697][T16331] RSP: 002b:00007fe0b059c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 571.624714][T16331] RAX: ffffffffffffffda RBX: 00007fe0afa15fa0 RCX: 00007fe0af79c629 [ 571.624724][T16331] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 571.624734][T16331] RBP: 00007fe0af832b39 R08: 0000000000000000 R09: 0000000000000000 [ 571.624743][T16331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 571.624753][T16331] R13: 00007fe0afa16038 R14: 00007fe0afa15fa0 R15: 00007ffc5ab3d3a8 [ 571.624774][T16331] [ 571.790266][T16334] FAULT_INJECTION: forcing a failure. [ 571.790266][T16334] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 571.790295][T16334] CPU: 0 UID: 0 PID: 16334 Comm: syz.0.3011 Tainted: G L syzkaller #0 PREEMPT(full) [ 571.790316][T16334] Tainted: [L]=SOFTLOCKUP [ 571.790321][T16334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 571.790330][T16334] Call Trace: [ 571.790336][T16334] [ 571.790341][T16334] dump_stack_lvl+0x100/0x190 [ 571.790368][T16334] should_fail_ex.cold+0x5/0xa [ 571.790386][T16334] _copy_to_iter+0x1f3/0x1720 [ 571.790413][T16334] ? __pfx__copy_to_iter+0x10/0x10 [ 571.790435][T16334] ? kernfs_seq_stop+0xcd/0x120 [ 571.790453][T16334] ? kernfs_put_active+0x93/0xe0 [ 571.790477][T16334] seq_read_iter+0xdab/0x1270 [ 571.790508][T16334] kernfs_fop_read_iter+0x46c/0x610 [ 571.790523][T16334] ? rw_verify_area+0xce/0x6d0 [ 571.790543][T16334] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 571.790560][T16334] vfs_read+0x825/0xb30 [ 571.790584][T16334] ? __pfx_vfs_read+0x10/0x10 [ 571.790618][T16334] ksys_read+0x12a/0x250 [ 571.790639][T16334] ? __pfx_ksys_read+0x10/0x10 [ 571.790666][T16334] do_syscall_64+0x106/0xf80 [ 571.790682][T16334] ? clear_bhb_loop+0x40/0x90 [ 571.790701][T16334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 571.790717][T16334] RIP: 0033:0x7f01b799c629 [ 571.790730][T16334] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 571.790744][T16334] RSP: 002b:00007f01b88e8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 571.790759][T16334] RAX: ffffffffffffffda RBX: 00007f01b7c15fa0 RCX: 00007f01b799c629 [ 571.790769][T16334] RDX: 000000000000009a RSI: 00002000000001c0 RDI: 0000000000000003 [ 571.790779][T16334] RBP: 00007f01b88e8090 R08: 0000000000000000 R09: 0000000000000000 [ 571.790788][T16334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 571.790797][T16334] R13: 00007f01b7c16038 R14: 00007f01b7c15fa0 R15: 00007ffd4c9afbe8 [ 571.790817][T16334] [ 571.805069][T16335] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3010'. [ 571.805101][T16335] –õ\­: renamed from lo (while UP) [ 573.938923][T16362] Invalid ELF header magic: != ELF [ 574.370710][T16369] FAULT_INJECTION: forcing a failure. [ 574.370710][T16369] name failslab, interval 1, probability 0, space 0, times 0 [ 574.370738][T16369] CPU: 0 UID: 0 PID: 16369 Comm: syz.0.3019 Tainted: G L syzkaller #0 PREEMPT(full) [ 574.370761][T16369] Tainted: [L]=SOFTLOCKUP [ 574.370767][T16369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 574.370776][T16369] Call Trace: [ 574.370782][T16369] [ 574.370788][T16369] dump_stack_lvl+0x100/0x190 [ 574.370815][T16369] should_fail_ex.cold+0x5/0xa [ 574.370834][T16369] ? rfkill_alloc+0xac/0x300 [ 574.370853][T16369] should_failslab+0xc2/0x120 [ 574.370869][T16369] __kmalloc_noprof+0xe0/0x850 [ 574.370894][T16369] rfkill_alloc+0xac/0x300 [ 574.370917][T16369] wiphy_new_nm+0x136a/0x21a0 [ 574.370935][T16369] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 574.370955][T16369] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 574.370974][T16369] ? __pfx_mac80211_hwsim_link_info_changed+0x10/0x10 [ 574.370992][T16369] ieee80211_alloc_hw_nm+0x1ac7/0x22a0 [ 574.371010][T16369] ? __local_bh_enable_ip+0x9e/0x120 [ 574.371030][T16369] mac80211_hwsim_new_radio+0x1e1/0x57d0 [ 574.371058][T16369] ? __asan_memset+0x23/0x50 [ 574.371078][T16369] ? __nla_validate_parse+0x1e7/0x28b0 [ 574.371097][T16369] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 574.371122][T16369] hwsim_new_radio_nl+0xc1f/0x1340 [ 574.371143][T16369] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 574.371169][T16369] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 574.371191][T16369] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 574.371216][T16369] genl_family_rcv_msg_doit+0x214/0x300 [ 574.371241][T16369] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 574.371262][T16369] ? genl_get_cmd+0x3ef/0x720 [ 574.371286][T16369] ? bpf_lsm_capable+0x9/0x10 [ 574.371300][T16369] ? security_capable+0x80/0x260 [ 574.371321][T16369] ? ns_capable+0xd2/0xf0 [ 574.371337][T16369] genl_rcv_msg+0x560/0x800 [ 574.371359][T16369] ? __pfx_genl_rcv_msg+0x10/0x10 [ 574.371380][T16369] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 574.371406][T16369] netlink_rcv_skb+0x159/0x420 [ 574.371424][T16369] ? __pfx_genl_rcv_msg+0x10/0x10 [ 574.371445][T16369] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 574.371471][T16369] ? netlink_deliver_tap+0x1ae/0xcc0 [ 574.371491][T16369] genl_rcv+0x28/0x40 [ 574.371508][T16369] netlink_unicast+0x5aa/0x870 [ 574.371529][T16369] ? __pfx_netlink_unicast+0x10/0x10 [ 574.371554][T16369] netlink_sendmsg+0x8b0/0xda0 [ 574.371576][T16369] ? __pfx_netlink_sendmsg+0x10/0x10 [ 574.371593][T16369] ? __import_iovec+0x1d2/0x640 [ 574.371618][T16369] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 574.371648][T16369] ____sys_sendmsg+0xa54/0xc30 [ 574.371672][T16369] ? __pfx_____sys_sendmsg+0x10/0x10 [ 574.371697][T16369] ? __pfx_futex_wake_mark+0x10/0x10 [ 574.371724][T16369] ___sys_sendmsg+0x190/0x1e0 [ 574.371747][T16369] ? __pfx____sys_sendmsg+0x10/0x10 [ 574.371791][T16369] __sys_sendmsg+0x170/0x220 [ 574.371809][T16369] ? __pfx___sys_sendmsg+0x10/0x10 [ 574.371825][T16369] ? __x64_sys_futex+0x34f/0x4d0 [ 574.371856][T16369] do_syscall_64+0x106/0xf80 [ 574.371872][T16369] ? clear_bhb_loop+0x40/0x90 [ 574.371891][T16369] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 574.371907][T16369] RIP: 0033:0x7f01b799c629 [ 574.371922][T16369] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 574.371937][T16369] RSP: 002b:00007f01b88e8028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 574.371952][T16369] RAX: ffffffffffffffda RBX: 00007f01b7c15fa0 RCX: 00007f01b799c629 [ 574.371962][T16369] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 574.371972][T16369] RBP: 00007f01b7a32b39 R08: 0000000000000000 R09: 0000000000000000 [ 574.371981][T16369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 574.371990][T16369] R13: 00007f01b7c16038 R14: 00007f01b7c15fa0 R15: 00007ffd4c9afbe8 [ 574.372011][T16369] [ 576.033692][T16385] netlink: 330 bytes leftover after parsing attributes in process `syz.3.3024'. [ 576.093621][T16385] –õ\­: renamed from lo (while UP) [ 577.031599][T16409] Invalid ELF header magic: != ELF [ 577.829661][T16432] nbd: must specify a device to reconfigure [ 578.427915][T16456] netlink: 330 bytes leftover after parsing attributes in process `syz.4.3045'. [ 578.461120][T16456] –õ\­: renamed from lo (while UP) [ 578.762338][T16466] nbd: must specify a device to reconfigure [ 579.252915][T16475] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input79 [ 579.618794][T16475] tc_dump_action: action bad kind [ 579.925054][T16476] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input80 [ 580.284749][T16502] nbd: must specify a device to reconfigure [ 580.968317][T16530] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3065'. [ 581.105561][T16537] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input81 [ 582.252929][ T29] audit: type=1800 audit(4294967298.230:28): pid=16581 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3081" name="features" dev="configfs" ino=70570 res=0 errno=0 [ 583.769228][T16622] FAULT_INJECTION: forcing a failure. [ 583.769228][T16622] name failslab, interval 1, probability 0, space 0, times 0 [ 583.849140][T16622] CPU: 0 UID: 0 PID: 16622 Comm: syz.1.3090 Tainted: G L syzkaller #0 PREEMPT(full) [ 583.849167][T16622] Tainted: [L]=SOFTLOCKUP [ 583.849173][T16622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 583.849182][T16622] Call Trace: [ 583.849189][T16622] [ 583.849195][T16622] dump_stack_lvl+0x100/0x190 [ 583.849224][T16622] should_fail_ex.cold+0x5/0xa [ 583.849242][T16622] ? __netlink_kernel_create+0x181/0x750 [ 583.849261][T16622] should_failslab+0xc2/0x120 [ 583.849277][T16622] __kmalloc_noprof+0xe0/0x850 [ 583.849302][T16622] __netlink_kernel_create+0x181/0x750 [ 583.849322][T16622] ? __pfx___netlink_kernel_create+0x10/0x10 [ 583.849346][T16622] rtnetlink_net_init+0xb9/0x140 [ 583.849369][T16622] ? __pfx_rtnetlink_net_init+0x10/0x10 [ 583.849392][T16622] ? lockdep_init_map_type+0x5c/0x250 [ 583.849411][T16622] ? __pfx_rtnetlink_rcv+0x10/0x10 [ 583.849433][T16622] ? __pfx_rtnetlink_bind+0x10/0x10 [ 583.849456][T16622] ? mutex_init_lockep+0x110/0x150 [ 583.849478][T16622] ? __pfx_rtnetlink_net_init+0x10/0x10 [ 583.849500][T16622] ops_init+0x1e2/0x5f0 [ 583.849520][T16622] setup_net+0x118/0x3a0 [ 583.849537][T16622] ? __pfx_setup_net+0x10/0x10 [ 583.849553][T16622] ? lockdep_init_map_type+0x5c/0x250 [ 583.849573][T16622] ? mutex_init_lockep+0x110/0x150 [ 583.849596][T16622] copy_net_ns+0x46f/0x7c0 [ 583.849616][T16622] create_new_namespaces+0x3ea/0xac0 [ 583.849636][T16622] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 583.849654][T16622] ksys_unshare+0x455/0xab0 [ 583.849674][T16622] ? __pfx_ksys_unshare+0x10/0x10 [ 583.849699][T16622] __x64_sys_unshare+0x31/0x40 [ 583.849717][T16622] do_syscall_64+0x106/0xf80 [ 583.849733][T16622] ? clear_bhb_loop+0x40/0x90 [ 583.849751][T16622] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 583.849768][T16622] RIP: 0033:0x7fe0af79c629 [ 583.849782][T16622] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 583.849797][T16622] RSP: 002b:00007fe0b059c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 583.849819][T16622] RAX: ffffffffffffffda RBX: 00007fe0afa15fa0 RCX: 00007fe0af79c629 [ 583.849830][T16622] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 583.849839][T16622] RBP: 00007fe0af832b39 R08: 0000000000000000 R09: 0000000000000000 [ 583.849849][T16622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 583.849858][T16622] R13: 00007fe0afa16038 R14: 00007fe0afa15fa0 R15: 00007ffc5ab3d3a8 [ 583.849878][T16622] [ 585.856829][T16664] Scaler: ================= START STATUS ================= [ 585.882649][T16664] Scaler: ================== END STATUS ================== [ 586.085459][T16671] Scaler: ================= START STATUS ================= [ 586.246979][T16671] Scaler: ================== END STATUS ================== [ 586.321588][T16686] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 588.589404][T16722] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 588.608120][T16722] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 588.695681][T16722] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 588.740130][T16722] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 588.887343][T16722] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 588.934637][T16722] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 589.105456][T16722] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 589.151702][T16722] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 590.037207][T16745] zswap: compressor not available [ 590.439800][T16745] zswap: compressor not available [ 590.642042][ T5145] Bluetooth: hci4: command 0x0406 tx timeout [ 590.721948][ T5145] Bluetooth: hci5: command 0x0406 tx timeout [ 590.966558][ T5145] Bluetooth: hci2: command 0x0406 tx timeout [ 591.116855][ T5145] Bluetooth: hci0: command 0x0406 tx timeout [ 591.822474][T16789] netlink: 25 bytes leftover after parsing attributes in process `syz.3.3127'. [ 592.287654][T16802] FAULT_INJECTION: forcing a failure. [ 592.287654][T16802] name failslab, interval 1, probability 0, space 0, times 0 [ 592.384207][T16802] CPU: 0 UID: 0 PID: 16802 Comm: syz.1.3131 Tainted: G L syzkaller #0 PREEMPT(full) [ 592.384233][T16802] Tainted: [L]=SOFTLOCKUP [ 592.384238][T16802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 592.384248][T16802] Call Trace: [ 592.384254][T16802] [ 592.384260][T16802] dump_stack_lvl+0x100/0x190 [ 592.384287][T16802] should_fail_ex.cold+0x5/0xa [ 592.384306][T16802] ? tomoyo_realpath_from_path+0xb6/0x690 [ 592.384324][T16802] should_failslab+0xc2/0x120 [ 592.384339][T16802] __kmalloc_noprof+0xe0/0x850 [ 592.384364][T16802] tomoyo_realpath_from_path+0xb6/0x690 [ 592.384385][T16802] tomoyo_path_number_perm+0x23c/0x580 [ 592.384407][T16802] ? tomoyo_path_number_perm+0x22e/0x580 [ 592.384430][T16802] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 592.384451][T16802] ? find_held_lock+0x2b/0x80 [ 592.384466][T16802] ? rcu_read_unlock+0x17/0x60 [ 592.384485][T16802] ? do_raw_spin_lock+0x128/0x260 [ 592.384505][T16802] ? find_held_lock+0x2b/0x80 [ 592.384529][T16802] ? __pfx_d_add+0x10/0x10 [ 592.384545][T16802] ? d_alloc+0x176/0x1e0 [ 592.384560][T16802] ? current_check_access_path+0x281/0x460 [ 592.384585][T16802] ? __pfx_current_check_access_path+0x10/0x10 [ 592.384610][T16802] ? simple_lookup+0x105/0x1d0 [ 592.384632][T16802] ? lookup_one_qstr_excl+0xb3/0x250 [ 592.384652][T16802] tomoyo_path_mkdir+0x9b/0xe0 [ 592.384670][T16802] ? __pfx_tomoyo_path_mkdir+0x10/0x10 [ 592.384693][T16802] security_path_mkdir+0x154/0x2e0 [ 592.384711][T16802] filename_mkdirat+0x168/0x5e0 [ 592.384728][T16802] ? __pfx_filename_mkdirat+0x10/0x10 [ 592.384744][T16802] ? strncpy_from_user+0x19d/0x2d0 [ 592.384768][T16802] ? do_getname+0x191/0x390 [ 592.384787][T16802] __x64_sys_mkdir+0x6b/0x90 [ 592.384803][T16802] do_syscall_64+0x106/0xf80 [ 592.384819][T16802] ? clear_bhb_loop+0x40/0x90 [ 592.384837][T16802] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 592.384853][T16802] RIP: 0033:0x7fe0af79c629 [ 592.384867][T16802] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 592.384882][T16802] RSP: 002b:00007fe0b059c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 592.384897][T16802] RAX: ffffffffffffffda RBX: 00007fe0afa15fa0 RCX: 00007fe0af79c629 [ 592.384907][T16802] RDX: 0000000000000000 RSI: 0000000000008001 RDI: 0000200000000100 [ 592.384916][T16802] RBP: 00007fe0af832b39 R08: 0000000000000000 R09: 0000000000000000 [ 592.384925][T16802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 592.384934][T16802] R13: 00007fe0afa16038 R14: 00007fe0afa15fa0 R15: 00007ffc5ab3d3a8 [ 592.384954][T16802] [ 592.384961][T16802] ERROR: Out of memory at tomoyo_realpath_from_path. [ 592.764658][ T5145] Bluetooth: hci4: command 0x0406 tx timeout [ 592.917501][ T5823] Bluetooth: hci5: command 0x0406 tx timeout [ 593.058048][ T5823] Bluetooth: hci2: command 0x0406 tx timeout [ 593.207390][ T5145] Bluetooth: hci0: command 0x0406 tx timeout [ 593.519593][T16827] FAULT_INJECTION: forcing a failure. [ 593.519593][T16827] name failslab, interval 1, probability 0, space 0, times 0 [ 593.566212][T16827] CPU: 0 UID: 8 PID: 16827 Comm: syz.1.3137 Tainted: G L syzkaller #0 PREEMPT(full) [ 593.566243][T16827] Tainted: [L]=SOFTLOCKUP [ 593.566249][T16827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 593.566258][T16827] Call Trace: [ 593.566264][T16827] [ 593.566271][T16827] dump_stack_lvl+0x100/0x190 [ 593.566298][T16827] should_fail_ex.cold+0x5/0xa [ 593.566316][T16827] ? lsm_blob_alloc+0x68/0x90 [ 593.566333][T16827] should_failslab+0xc2/0x120 [ 593.566349][T16827] __kmalloc_noprof+0xe0/0x850 [ 593.566369][T16827] ? trace_kmem_cache_alloc+0xf3/0x120 [ 593.566388][T16827] lsm_blob_alloc+0x68/0x90 [ 593.566404][T16827] security_cred_alloc_blank+0x28/0x260 [ 593.566422][T16827] cred_alloc_blank+0x61/0xa0 [ 593.566449][T16827] keyctl_session_to_parent+0x55/0xae0 [ 593.566475][T16827] __do_sys_keyctl+0x2b1/0x5a0 [ 593.566497][T16827] do_syscall_64+0x106/0xf80 [ 593.566513][T16827] ? clear_bhb_loop+0x40/0x90 [ 593.566531][T16827] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 593.566547][T16827] RIP: 0033:0x7fe0af79c629 [ 593.566560][T16827] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 593.566576][T16827] RSP: 002b:00007fe0b059c028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 593.566591][T16827] RAX: ffffffffffffffda RBX: 00007fe0afa15fa0 RCX: 00007fe0af79c629 [ 593.566601][T16827] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000012 [ 593.566610][T16827] RBP: 00007fe0af832b39 R08: 0000000000000001 R09: 0000000000000000 [ 593.566619][T16827] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 593.566629][T16827] R13: 00007fe0afa16038 R14: 00007fe0afa15fa0 R15: 00007ffc5ab3d3a8 [ 593.566648][T16827] [ 595.452705][T16863] blktrace: Concurrent blktraces are not allowed on loop2 [ 595.892239][T16873] FAULT_INJECTION: forcing a failure. [ 595.892239][T16873] name failslab, interval 1, probability 0, space 0, times 0 [ 595.978618][T16873] CPU: 0 UID: 8 PID: 16873 Comm: syz.4.3147 Tainted: G L syzkaller #0 PREEMPT(full) [ 595.978646][T16873] Tainted: [L]=SOFTLOCKUP [ 595.978652][T16873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 595.978661][T16873] Call Trace: [ 595.978667][T16873] [ 595.978673][T16873] dump_stack_lvl+0x100/0x190 [ 595.978701][T16873] should_fail_ex.cold+0x5/0xa [ 595.978719][T16873] should_failslab+0xc2/0x120 [ 595.978734][T16873] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 595.978763][T16873] ? cred_alloc_blank+0x1c/0xa0 [ 595.978786][T16873] ? __x64_sys_futex+0x34f/0x4d0 [ 595.978804][T16873] ? __x64_sys_futex+0x358/0x4d0 [ 595.978827][T16873] cred_alloc_blank+0x1c/0xa0 [ 595.978849][T16873] keyctl_session_to_parent+0x55/0xae0 [ 595.978874][T16873] __do_sys_keyctl+0x2b1/0x5a0 [ 595.978896][T16873] do_syscall_64+0x106/0xf80 [ 595.978911][T16873] ? clear_bhb_loop+0x40/0x90 [ 595.978930][T16873] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 595.978946][T16873] RIP: 0033:0x7f367519c629 [ 595.978962][T16873] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 595.978977][T16873] RSP: 002b:00007f36733f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 595.978992][T16873] RAX: ffffffffffffffda RBX: 00007f3675415fa0 RCX: 00007f367519c629 [ 595.979002][T16873] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000012 [ 595.979012][T16873] RBP: 00007f3675232b39 R08: 0000000000000001 R09: 0000000000000000 [ 595.979022][T16873] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 595.979032][T16873] R13: 00007f3675416038 R14: 00007f3675415fa0 R15: 00007fff4c006db8 [ 595.979052][T16873] [ 596.732734][T16884] sd 0:0:1:0: PR command failed: 1026 [ 596.738150][T16884] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 596.850842][T16884] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 597.176334][T16890] netlink: 146 bytes leftover after parsing attributes in process `syz.3.3151'. [ 597.448223][T16895] FAULT_INJECTION: forcing a failure. [ 597.448223][T16895] name failslab, interval 1, probability 0, space 0, times 0 [ 597.539991][T16895] CPU: 0 UID: 0 PID: 16895 Comm: syz.1.3154 Tainted: G L syzkaller #0 PREEMPT(full) [ 597.540019][T16895] Tainted: [L]=SOFTLOCKUP [ 597.540025][T16895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 597.540034][T16895] Call Trace: [ 597.540040][T16895] [ 597.540047][T16895] dump_stack_lvl+0x100/0x190 [ 597.540075][T16895] should_fail_ex.cold+0x5/0xa [ 597.540094][T16895] should_failslab+0xc2/0x120 [ 597.540109][T16895] __kmalloc_cache_noprof+0x7a/0x6f0 [ 597.540128][T16895] ? device_add+0xd3a/0x1950 [ 597.540154][T16895] device_add+0xd3a/0x1950 [ 597.540176][T16895] ? kfree_const+0x5a/0x70 [ 597.540199][T16895] ? __pfx_device_add+0x10/0x10 [ 597.540220][T16895] ? kfree_const+0x5a/0x70 [ 597.540239][T16895] ? kfree+0x2ec/0x6b0 [ 597.540263][T16895] device_create_groups_vargs+0x1f8/0x270 [ 597.540289][T16895] device_create+0xed/0x130 [ 597.540312][T16895] ? __pfx_device_create+0x10/0x10 [ 597.540333][T16895] ? lockdep_init_map_type+0x5c/0x250 [ 597.540353][T16895] ? timer_init_key+0x150/0x340 [ 597.540372][T16895] ? ieee80211_roc_setup+0x136/0x270 [ 597.540396][T16895] ? ieee80211_alloc_hw_nm+0x19c3/0x22a0 [ 597.540418][T16895] mac80211_hwsim_new_radio+0x37f/0x57d0 [ 597.540448][T16895] ? __asan_memset+0x23/0x50 [ 597.540467][T16895] ? __nla_validate_parse+0x1e7/0x28b0 [ 597.540485][T16895] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 597.540511][T16895] hwsim_new_radio_nl+0xc1f/0x1340 [ 597.540533][T16895] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 597.540558][T16895] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 597.540580][T16895] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 597.540604][T16895] genl_family_rcv_msg_doit+0x214/0x300 [ 597.540637][T16895] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 597.540657][T16895] ? genl_get_cmd+0x3ef/0x720 [ 597.540683][T16895] ? bpf_lsm_capable+0x9/0x10 [ 597.540697][T16895] ? security_capable+0x80/0x260 [ 597.540716][T16895] ? ns_capable+0xd2/0xf0 [ 597.540732][T16895] genl_rcv_msg+0x560/0x800 [ 597.540755][T16895] ? __pfx_genl_rcv_msg+0x10/0x10 [ 597.540776][T16895] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 597.540802][T16895] netlink_rcv_skb+0x159/0x420 [ 597.540820][T16895] ? __pfx_genl_rcv_msg+0x10/0x10 [ 597.540841][T16895] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 597.540867][T16895] ? netlink_deliver_tap+0x1ae/0xcc0 [ 597.540887][T16895] genl_rcv+0x28/0x40 [ 597.540905][T16895] netlink_unicast+0x5aa/0x870 [ 597.540927][T16895] ? __pfx_netlink_unicast+0x10/0x10 [ 597.540952][T16895] netlink_sendmsg+0x8b0/0xda0 [ 597.540974][T16895] ? __pfx_netlink_sendmsg+0x10/0x10 [ 597.540991][T16895] ? __import_iovec+0x1d2/0x640 [ 597.541015][T16895] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 597.541038][T16895] ____sys_sendmsg+0xa54/0xc30 [ 597.541061][T16895] ? __pfx_____sys_sendmsg+0x10/0x10 [ 597.541085][T16895] ? __pfx_futex_wake_mark+0x10/0x10 [ 597.541110][T16895] ___sys_sendmsg+0x190/0x1e0 [ 597.541133][T16895] ? __pfx____sys_sendmsg+0x10/0x10 [ 597.541178][T16895] __sys_sendmsg+0x170/0x220 [ 597.541195][T16895] ? __pfx___sys_sendmsg+0x10/0x10 [ 597.541212][T16895] ? __x64_sys_futex+0x34f/0x4d0 [ 597.541242][T16895] do_syscall_64+0x106/0xf80 [ 597.541258][T16895] ? clear_bhb_loop+0x40/0x90 [ 597.541277][T16895] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 597.541293][T16895] RIP: 0033:0x7fe0af79c629 [ 597.541308][T16895] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 597.541323][T16895] RSP: 002b:00007fe0b059c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 597.541338][T16895] RAX: ffffffffffffffda RBX: 00007fe0afa15fa0 RCX: 00007fe0af79c629 [ 597.541349][T16895] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 597.541359][T16895] RBP: 00007fe0af832b39 R08: 0000000000000000 R09: 0000000000000000 [ 597.541368][T16895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 597.541377][T16895] R13: 00007fe0afa16038 R14: 00007fe0afa15fa0 R15: 00007ffc5ab3d3a8 [ 597.541398][T16895] [ 598.208830][T16906] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3159'. [ 599.442646][T16945] FAULT_INJECTION: forcing a failure. [ 599.442646][T16945] name failslab, interval 1, probability 0, space 0, times 0 [ 599.482991][T16945] CPU: 0 UID: 0 PID: 16945 Comm: syz.1.3170 Tainted: G L syzkaller #0 PREEMPT(full) [ 599.483018][T16945] Tainted: [L]=SOFTLOCKUP [ 599.483024][T16945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 599.483034][T16945] Call Trace: [ 599.483040][T16945] [ 599.483046][T16945] dump_stack_lvl+0x100/0x190 [ 599.483074][T16945] should_fail_ex.cold+0x5/0xa [ 599.483093][T16945] should_failslab+0xc2/0x120 [ 599.483113][T16945] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 599.483136][T16945] ? alloc_inode+0x183/0x250 [ 599.483154][T16945] ? do_raw_spin_lock+0x128/0x260 [ 599.483179][T16945] alloc_inode+0x183/0x250 [ 599.483197][T16945] alloc_anon_inode+0x2a/0x3e0 [ 599.483221][T16945] anon_inode_make_secure_inode+0x2f/0x140 [ 599.483240][T16945] __anon_inode_getfile+0x1cf/0x280 [ 599.483258][T16945] new_userfaultfd+0x255/0x400 [ 599.483279][T16945] __x64_sys_userfaultfd+0x4b/0xb0 [ 599.483302][T16945] do_syscall_64+0x106/0xf80 [ 599.483318][T16945] ? clear_bhb_loop+0x40/0x90 [ 599.483336][T16945] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 599.483352][T16945] RIP: 0033:0x7fe0af79c629 [ 599.483366][T16945] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 599.483380][T16945] RSP: 002b:00007fe0b059c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000143 [ 599.483395][T16945] RAX: ffffffffffffffda RBX: 00007fe0afa15fa0 RCX: 00007fe0af79c629 [ 599.483405][T16945] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 599.483414][T16945] RBP: 00007fe0af832b39 R08: 0000000000000000 R09: 0000000000000000 [ 599.483423][T16945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 599.483433][T16945] R13: 00007fe0afa16038 R14: 00007fe0afa15fa0 R15: 00007ffc5ab3d3a8 [ 599.483461][T16945] [ 599.675953][T16945] [U] [ 599.678729][T16945] [U] [ 599.681399][T16945] [U] [ 599.684063][T16945] [U] [ 599.687474][T16945] [U] [ 599.690153][T16945] [U] [ 599.692820][T16945] [U] [ 599.695489][T16945] [U] [ 599.699082][T16945] [U] [ 599.734543][ T29] audit: type=1326 audit(4294968338.706:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16940 comm="syz.0.3169" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f01b799c629 code=0x0 [ 600.289404][T16960] netlink: 4128 bytes leftover after parsing attributes in process `syz.1.3173'. [ 605.310762][T17082] FAULT_INJECTION: forcing a failure. [ 605.310762][T17082] name fail_futex, interval 1, probability 0, space 0, times 0 [ 605.424472][T17082] CPU: 0 UID: 8 PID: 17082 Comm: syz.4.3206 Tainted: G L syzkaller #0 PREEMPT(full) [ 605.424499][T17082] Tainted: [L]=SOFTLOCKUP [ 605.424506][T17082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 605.424515][T17082] Call Trace: [ 605.424521][T17082] [ 605.424528][T17082] dump_stack_lvl+0x100/0x190 [ 605.424556][T17082] should_fail_ex.cold+0x5/0xa [ 605.424575][T17082] get_futex_key+0x1d2/0x1620 [ 605.424596][T17082] ? __pfx_get_futex_key+0x10/0x10 [ 605.424613][T17082] ? kasan_save_stack+0x3f/0x50 [ 605.424634][T17082] ? kasan_save_stack+0x30/0x50 [ 605.424655][T17082] ? kasan_record_aux_stack+0xa7/0xc0 [ 605.424673][T17082] ? __call_rcu_common.constprop.0+0xa5/0x9b0 [ 605.424692][T17082] ? __put_cred+0x10c/0x180 [ 605.424712][T17082] ? keyctl_session_to_parent+0x95a/0xae0 [ 605.424732][T17082] ? __do_sys_keyctl+0x2b1/0x5a0 [ 605.424751][T17082] ? do_syscall_64+0x106/0xf80 [ 605.424767][T17082] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 605.424786][T17082] futex_wake+0xea/0x530 [ 605.424809][T17082] ? __pfx_futex_wake+0x10/0x10 [ 605.424838][T17082] do_futex+0x32b/0x350 [ 605.424857][T17082] ? __pfx_do_futex+0x10/0x10 [ 605.424881][T17082] __x64_sys_futex+0x34f/0x4d0 [ 605.424902][T17082] ? __pfx___x64_sys_futex+0x10/0x10 [ 605.424920][T17082] ? __put_cred+0x111/0x180 [ 605.424940][T17082] ? keyctl_session_to_parent+0x39a/0xae0 [ 605.424972][T17082] do_syscall_64+0x106/0xf80 [ 605.424988][T17082] ? clear_bhb_loop+0x40/0x90 [ 605.425007][T17082] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 605.425024][T17082] RIP: 0033:0x7f367519c629 [ 605.425037][T17082] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 605.425052][T17082] RSP: 002b:00007f36733f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 605.425067][T17082] RAX: ffffffffffffffda RBX: 00007f3675415fa8 RCX: 00007f367519c629 [ 605.425077][T17082] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f3675415fac [ 605.425087][T17082] RBP: 00007f3675415fa0 R08: 0000000000000000 R09: 0000000000000000 [ 605.425096][T17082] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 605.425106][T17082] R13: 00007f3675416038 R14: 00007fff4c006cd0 R15: 00007fff4c006db8 [ 605.425126][T17082] [ 607.325119][T17112] FAULT_INJECTION: forcing a failure. [ 607.325119][T17112] name failslab, interval 1, probability 0, space 0, times 0 [ 607.375373][T17112] CPU: 0 UID: 0 PID: 17112 Comm: syz.1.3215 Tainted: G L syzkaller #0 PREEMPT(full) [ 607.375401][T17112] Tainted: [L]=SOFTLOCKUP [ 607.375407][T17112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 607.375416][T17112] Call Trace: [ 607.375422][T17112] [ 607.375430][T17112] dump_stack_lvl+0x100/0x190 [ 607.375458][T17112] should_fail_ex.cold+0x5/0xa [ 607.375476][T17112] should_failslab+0xc2/0x120 [ 607.375492][T17112] __kmalloc_cache_noprof+0x7a/0x6f0 [ 607.375511][T17112] ? device_add+0xd3a/0x1950 [ 607.375537][T17112] device_add+0xd3a/0x1950 [ 607.375564][T17112] ? kfree_const+0x5a/0x70 [ 607.375586][T17112] ? __pfx_device_add+0x10/0x10 [ 607.375607][T17112] ? kfree_const+0x5a/0x70 [ 607.375627][T17112] ? kfree+0x2ec/0x6b0 [ 607.375650][T17112] device_create_groups_vargs+0x1f8/0x270 [ 607.375676][T17112] device_create+0xed/0x130 [ 607.375699][T17112] ? __pfx_device_create+0x10/0x10 [ 607.375720][T17112] ? lockdep_init_map_type+0x5c/0x250 [ 607.375740][T17112] ? timer_init_key+0x150/0x340 [ 607.375766][T17112] ? ieee80211_roc_setup+0x136/0x270 [ 607.375791][T17112] ? ieee80211_alloc_hw_nm+0x19c3/0x22a0 [ 607.375814][T17112] mac80211_hwsim_new_radio+0x37f/0x57d0 [ 607.375844][T17112] ? __asan_memset+0x23/0x50 [ 607.375863][T17112] ? __nla_validate_parse+0x1e7/0x28b0 [ 607.375881][T17112] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 607.375907][T17112] hwsim_new_radio_nl+0xc1f/0x1340 [ 607.375929][T17112] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 607.375954][T17112] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 607.375976][T17112] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 607.376001][T17112] genl_family_rcv_msg_doit+0x214/0x300 [ 607.376024][T17112] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 607.376045][T17112] ? genl_get_cmd+0x3ef/0x720 [ 607.376069][T17112] ? bpf_lsm_capable+0x9/0x10 [ 607.376084][T17112] ? security_capable+0x80/0x260 [ 607.376104][T17112] ? ns_capable+0xd2/0xf0 [ 607.376120][T17112] genl_rcv_msg+0x560/0x800 [ 607.376143][T17112] ? __pfx_genl_rcv_msg+0x10/0x10 [ 607.376163][T17112] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 607.376189][T17112] netlink_rcv_skb+0x159/0x420 [ 607.376207][T17112] ? __pfx_genl_rcv_msg+0x10/0x10 [ 607.376228][T17112] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 607.376255][T17112] ? netlink_deliver_tap+0x1ae/0xcc0 [ 607.376275][T17112] genl_rcv+0x28/0x40 [ 607.376293][T17112] netlink_unicast+0x5aa/0x870 [ 607.376314][T17112] ? __pfx_netlink_unicast+0x10/0x10 [ 607.376339][T17112] netlink_sendmsg+0x8b0/0xda0 [ 607.376360][T17112] ? __pfx_netlink_sendmsg+0x10/0x10 [ 607.376377][T17112] ? __import_iovec+0x1d2/0x640 [ 607.376405][T17112] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 607.376428][T17112] ____sys_sendmsg+0xa54/0xc30 [ 607.376451][T17112] ? __pfx_____sys_sendmsg+0x10/0x10 [ 607.376476][T17112] ? try_to_wake_up+0x644/0x1a80 [ 607.376495][T17112] ___sys_sendmsg+0x190/0x1e0 [ 607.376518][T17112] ? __pfx____sys_sendmsg+0x10/0x10 [ 607.376539][T17112] ? futex_private_hash_put+0x107/0x1c0 [ 607.376579][T17112] __sys_sendmsg+0x170/0x220 [ 607.376596][T17112] ? __pfx___sys_sendmsg+0x10/0x10 [ 607.376613][T17112] ? __x64_sys_futex+0x34f/0x4d0 [ 607.376643][T17112] do_syscall_64+0x106/0xf80 [ 607.376660][T17112] ? clear_bhb_loop+0x40/0x90 [ 607.376679][T17112] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 607.376695][T17112] RIP: 0033:0x7fe0af79c629 [ 607.376709][T17112] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 607.376724][T17112] RSP: 002b:00007fe0b059c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 607.376740][T17112] RAX: ffffffffffffffda RBX: 00007fe0afa15fa0 RCX: 00007fe0af79c629 [ 607.376750][T17112] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 607.376765][T17112] RBP: 00007fe0af832b39 R08: 0000000000000000 R09: 0000000000000000 [ 607.376775][T17112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 607.376785][T17112] R13: 00007fe0afa16038 R14: 00007fe0afa15fa0 R15: 00007ffc5ab3d3a8 [ 607.376807][T17112] [ 610.373459][T17152] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input82 [ 611.584420][T17141] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 611.591944][T17141] Bluetooth: hci2: Invalid handle: 0x3a4a > 0x0eff [ 612.300195][T17219] FAULT_INJECTION: forcing a failure. [ 612.300195][T17219] name failslab, interval 1, probability 0, space 0, times 0 [ 612.342435][T17219] CPU: 0 UID: 8 PID: 17219 Comm: syz.1.3242 Tainted: G L syzkaller #0 PREEMPT(full) [ 612.342462][T17219] Tainted: [L]=SOFTLOCKUP [ 612.342468][T17219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 612.342478][T17219] Call Trace: [ 612.342483][T17219] [ 612.342490][T17219] dump_stack_lvl+0x100/0x190 [ 612.342517][T17219] should_fail_ex.cold+0x5/0xa [ 612.342536][T17219] should_failslab+0xc2/0x120 [ 612.342552][T17219] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 612.342572][T17219] ? alloc_empty_file+0x55/0x1c0 [ 612.342590][T17219] ? __pfx_stack_trace_save+0x10/0x10 [ 612.342608][T17219] alloc_empty_file+0x55/0x1c0 [ 612.342627][T17219] path_openat+0xe8/0x31a0 [ 612.342641][T17219] ? kasan_save_stack+0x3f/0x50 [ 612.342661][T17219] ? kasan_save_stack+0x30/0x50 [ 612.342681][T17219] ? kasan_save_track+0x14/0x30 [ 612.342701][T17219] ? __kasan_slab_alloc+0x89/0x90 [ 612.342722][T17219] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 612.342742][T17219] ? do_getname+0x35/0x390 [ 612.342757][T17219] ? do_sys_openat2+0xc5/0x1e0 [ 612.342775][T17219] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 612.342794][T17219] ? __pfx_path_openat+0x10/0x10 [ 612.342815][T17219] do_file_open+0x20e/0x430 [ 612.342830][T17219] ? __pfx_do_file_open+0x10/0x10 [ 612.342858][T17219] ? alloc_fd+0x476/0x790 [ 612.342883][T17219] ? do_getname+0x191/0x390 [ 612.342901][T17219] do_sys_openat2+0x10d/0x1e0 [ 612.342918][T17219] ? __pfx_do_sys_openat2+0x10/0x10 [ 612.342943][T17219] __x64_sys_openat+0x12d/0x210 [ 612.342962][T17219] ? __pfx___x64_sys_openat+0x10/0x10 [ 612.342987][T17219] do_syscall_64+0x106/0xf80 [ 612.343003][T17219] ? clear_bhb_loop+0x40/0x90 [ 612.343021][T17219] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 612.343036][T17219] RIP: 0033:0x7fe0af79c629 [ 612.343049][T17219] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 612.343064][T17219] RSP: 002b:00007fe0b059c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 612.343080][T17219] RAX: ffffffffffffffda RBX: 00007fe0afa15fa0 RCX: 00007fe0af79c629 [ 612.343091][T17219] RDX: 0000000000001541 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 612.343100][T17219] RBP: 00007fe0af832b39 R08: 0000000000000000 R09: 0000000000000000 [ 612.343109][T17219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 612.343118][T17219] R13: 00007fe0afa16038 R14: 00007fe0afa15fa0 R15: 00007ffc5ab3d3a8 [ 612.343137][T17219] [ 614.002670][T17273] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3257'. [ 614.047761][T17273] bridge0: port 2(bridge_slave_1) entered disabled state [ 614.138710][T17273] bridge_slave_1 (unregistering): left allmulticast mode [ 614.175729][T17273] bridge_slave_1 (unregistering): left promiscuous mode [ 614.212406][T17273] bridge0: port 2(bridge_slave_1) entered disabled state [ 615.847591][T17330] FAULT_INJECTION: forcing a failure. [ 615.847591][T17330] name failslab, interval 1, probability 0, space 0, times 0 [ 615.921902][T17330] CPU: 0 UID: 8 PID: 17330 Comm: syz.1.3275 Tainted: G L syzkaller #0 PREEMPT(full) [ 615.921930][T17330] Tainted: [L]=SOFTLOCKUP [ 615.921937][T17330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 615.921947][T17330] Call Trace: [ 615.921953][T17330] [ 615.921959][T17330] dump_stack_lvl+0x100/0x190 [ 615.921986][T17330] should_fail_ex.cold+0x5/0xa [ 615.922005][T17330] should_failslab+0xc2/0x120 [ 615.922020][T17330] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 615.922050][T17330] ? cred_alloc_blank+0x1c/0xa0 [ 615.922074][T17330] ? __x64_sys_futex+0x34f/0x4d0 [ 615.922092][T17330] ? __x64_sys_futex+0x358/0x4d0 [ 615.922113][T17330] cred_alloc_blank+0x1c/0xa0 [ 615.922134][T17330] keyctl_session_to_parent+0x55/0xae0 [ 615.922159][T17330] __do_sys_keyctl+0x2b1/0x5a0 [ 615.922180][T17330] do_syscall_64+0x106/0xf80 [ 615.922197][T17330] ? clear_bhb_loop+0x40/0x90 [ 615.922215][T17330] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 615.922231][T17330] RIP: 0033:0x7fe0af79c629 [ 615.922244][T17330] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 615.922259][T17330] RSP: 002b:00007fe0b059c028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 615.922274][T17330] RAX: ffffffffffffffda RBX: 00007fe0afa15fa0 RCX: 00007fe0af79c629 [ 615.922285][T17330] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000012 [ 615.922295][T17330] RBP: 00007fe0af832b39 R08: 0000000000000001 R09: 0000000000000000 [ 615.922304][T17330] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 615.922314][T17330] R13: 00007fe0afa16038 R14: 00007fe0afa15fa0 R15: 00007ffc5ab3d3a8 [ 615.922333][T17330] [ 617.144873][T17354] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3283'. [ 619.883938][T17428] netlink: 338 bytes leftover after parsing attributes in process `syz.0.3300'. [ 619.951261][T17436] nbd0: detected capacity change from 0 to 98304 [ 619.974465][ T5812] block nbd0: Dead connection, failed to find a fallback [ 620.019630][ T5812] block nbd0: shutting down sockets [ 620.049528][ T5812] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 620.112884][ T5812] Buffer I/O error on dev nbd0, logical block 0, async page read [ 620.120834][ T5812] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 620.209528][ T5812] Buffer I/O error on dev nbd0, logical block 0, async page read [ 620.264514][ T5812] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 620.320398][ T5812] Buffer I/O error on dev nbd0, logical block 0, async page read [ 620.369279][ T5812] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 620.425993][ T5812] Buffer I/O error on dev nbd0, logical block 0, async page read [ 620.473033][ T5812] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 620.544392][ T5812] Buffer I/O error on dev nbd0, logical block 0, async page read [ 620.578864][ T5812] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 620.661215][ T5812] Buffer I/O error on dev nbd0, logical block 0, async page read [ 620.701227][ T5812] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 620.755575][ T5812] Buffer I/O error on dev nbd0, logical block 0, async page read [ 620.806859][ T5812] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 620.878569][ T5812] Buffer I/O error on dev nbd0, logical block 0, async page read [ 620.920168][T17451] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4. [ 620.948546][ T5812] ldm_validate_partition_table(): Disk read failed. [ 620.988103][ T5812] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 621.050704][ T5812] Buffer I/O error on dev nbd0, logical block 0, async page read [ 621.106218][ T5812] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 621.167222][ T5812] Buffer I/O error on dev nbd0, logical block 0, async page read [ 621.209165][ T5812] Dev nbd0: unable to read RDB block 0 [ 621.239946][ T5812] nbd0: unable to read partition table [ 621.287606][ T5812] ldm_validate_partition_table(): Disk read failed. [ 621.331828][ T5812] Dev nbd0: unable to read RDB block 0 [ 621.362987][ T5812] nbd0: unable to read partition table [ 621.602770][T17459] NFSD: Failed to start, no listeners configured. [ 621.710701][T17452] kexec: Could not allocate control_code_buffer [ 622.217335][T17469] nbd0: detected capacity change from 98304 to 25165824 [ 622.263586][ T5812] ldm_validate_partition_table(): Disk read failed. [ 622.270286][ T5812] Dev nbd0: unable to read RDB block 0 [ 622.338909][ T5812] nbd0: unable to read partition table [ 622.381263][ T5812] ldm_validate_partition_table(): Disk read failed. [ 622.431450][ T5812] Dev nbd0: unable to read RDB block 0 [ 622.448562][ T5812] nbd0: unable to read partition table [ 622.791970][T17474] netlink: 338 bytes leftover after parsing attributes in process `syz.3.3315'. [ 622.970134][T17489] netlink: 326 bytes leftover after parsing attributes in process `syz.0.3320'. [ 624.338750][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.345112][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 627.216121][T17595] FAULT_INJECTION: forcing a failure. [ 627.216121][T17595] name failslab, interval 1, probability 0, space 0, times 0 [ 627.273189][T17595] CPU: 0 UID: 0 PID: 17595 Comm: syz.4.3341 Tainted: G L syzkaller #0 PREEMPT(full) [ 627.273217][T17595] Tainted: [L]=SOFTLOCKUP [ 627.273223][T17595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 627.273233][T17595] Call Trace: [ 627.273239][T17595] [ 627.273245][T17595] dump_stack_lvl+0x100/0x190 [ 627.273273][T17595] should_fail_ex.cold+0x5/0xa [ 627.273292][T17595] should_failslab+0xc2/0x120 [ 627.273308][T17595] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 627.273329][T17595] ? __kernfs_new_node+0xd2/0x960 [ 627.273349][T17595] ? kstrdup+0xb3/0xe0 [ 627.273374][T17595] __kernfs_new_node+0xd2/0x960 [ 627.273396][T17595] ? __pfx___kernfs_new_node+0x10/0x10 [ 627.273420][T17595] ? find_held_lock+0x2b/0x80 [ 627.273434][T17595] ? kernfs_root+0xee/0x2a0 [ 627.273452][T17595] ? kernfs_root+0xee/0x2a0 [ 627.273475][T17595] kernfs_new_node+0x11b/0x1a0 [ 627.273499][T17595] kernfs_create_link+0xcc/0x240 [ 627.273517][T17595] sysfs_do_create_link_sd+0x90/0x140 [ 627.273537][T17595] sysfs_create_link+0x61/0xc0 [ 627.273556][T17595] device_add+0x675/0x1950 [ 627.273579][T17595] ? kfree_const+0x5a/0x70 [ 627.273600][T17595] ? __pfx_device_add+0x10/0x10 [ 627.273621][T17595] ? kfree_const+0x5a/0x70 [ 627.273641][T17595] ? kfree+0x2ec/0x6b0 [ 627.273664][T17595] device_create_groups_vargs+0x1f8/0x270 [ 627.273690][T17595] device_create+0xed/0x130 [ 627.273713][T17595] ? __pfx_device_create+0x10/0x10 [ 627.273734][T17595] ? lockdep_init_map_type+0x5c/0x250 [ 627.273754][T17595] ? timer_init_key+0x150/0x340 [ 627.273773][T17595] ? ieee80211_roc_setup+0x136/0x270 [ 627.273797][T17595] ? ieee80211_alloc_hw_nm+0x19c3/0x22a0 [ 627.273819][T17595] mac80211_hwsim_new_radio+0x37f/0x57d0 [ 627.273848][T17595] ? __asan_memset+0x23/0x50 [ 627.273868][T17595] ? __nla_validate_parse+0x1e7/0x28b0 [ 627.273887][T17595] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 627.273913][T17595] hwsim_new_radio_nl+0xc1f/0x1340 [ 627.273934][T17595] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 627.273959][T17595] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 627.273981][T17595] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 627.274006][T17595] genl_family_rcv_msg_doit+0x214/0x300 [ 627.274029][T17595] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 627.274059][T17595] ? genl_get_cmd+0x3ef/0x720 [ 627.274083][T17595] ? bpf_lsm_capable+0x9/0x10 [ 627.274099][T17595] ? security_capable+0x80/0x260 [ 627.274119][T17595] ? ns_capable+0xd2/0xf0 [ 627.274136][T17595] genl_rcv_msg+0x560/0x800 [ 627.274158][T17595] ? __pfx_genl_rcv_msg+0x10/0x10 [ 627.274178][T17595] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 627.274204][T17595] netlink_rcv_skb+0x159/0x420 [ 627.274222][T17595] ? __pfx_genl_rcv_msg+0x10/0x10 [ 627.274243][T17595] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 627.274269][T17595] ? netlink_deliver_tap+0x1ae/0xcc0 [ 627.274289][T17595] genl_rcv+0x28/0x40 [ 627.274307][T17595] netlink_unicast+0x5aa/0x870 [ 627.274327][T17595] ? __pfx_netlink_unicast+0x10/0x10 [ 627.274353][T17595] netlink_sendmsg+0x8b0/0xda0 [ 627.274374][T17595] ? __pfx_netlink_sendmsg+0x10/0x10 [ 627.274391][T17595] ? __import_iovec+0x1d2/0x640 [ 627.274416][T17595] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 627.274439][T17595] ____sys_sendmsg+0xa54/0xc30 [ 627.274462][T17595] ? __pfx_____sys_sendmsg+0x10/0x10 [ 627.274487][T17595] ? __pfx_futex_wake_mark+0x10/0x10 [ 627.274512][T17595] ___sys_sendmsg+0x190/0x1e0 [ 627.274534][T17595] ? __pfx____sys_sendmsg+0x10/0x10 [ 627.274579][T17595] __sys_sendmsg+0x170/0x220 [ 627.274596][T17595] ? __pfx___sys_sendmsg+0x10/0x10 [ 627.274616][T17595] ? __x64_sys_futex+0x34f/0x4d0 [ 627.274646][T17595] do_syscall_64+0x106/0xf80 [ 627.274663][T17595] ? clear_bhb_loop+0x40/0x90 [ 627.274682][T17595] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 627.274698][T17595] RIP: 0033:0x7f367519c629 [ 627.274713][T17595] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 627.274728][T17595] RSP: 002b:00007f36733f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 627.274744][T17595] RAX: ffffffffffffffda RBX: 00007f3675415fa0 RCX: 00007f367519c629 [ 627.274754][T17595] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 627.274764][T17595] RBP: 00007f3675232b39 R08: 0000000000000000 R09: 0000000000000000 [ 627.274774][T17595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 627.274783][T17595] R13: 00007f3675416038 R14: 00007f3675415fa0 R15: 00007fff4c006db8 [ 627.274804][T17595] [ 628.390167][T17603] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3343'. [ 628.418468][T17603] netlink: 'syz.1.3343': attribute type 1 has an invalid length. [ 628.431102][T17603] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3343'. [ 629.296072][T17621] Invalid ELF header magic: != ELF [ 630.494183][T17656] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3354'. [ 631.627274][T17675] nbd0: detected capacity change from 25165824 to 1649267441664 [ 631.651813][ T5812] blk_print_req_error: 58 callbacks suppressed [ 631.651828][ T5812] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 631.724403][ T5812] buffer_io_error: 56 callbacks suppressed [ 631.724417][ T5812] Buffer I/O error on dev nbd0, logical block 0, async page read [ 631.783698][ T5812] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 631.799281][T17679] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3361'. [ 631.836378][ T5812] Buffer I/O error on dev nbd0, logical block 0, async page read [ 631.874314][ T5812] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 631.920586][ T5812] Buffer I/O error on dev nbd0, logical block 0, async page read [ 631.954835][ T5812] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 632.001448][ T5812] Buffer I/O error on dev nbd0, logical block 0, async page read [ 632.058848][ T5812] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 632.129252][ T5812] Buffer I/O error on dev nbd0, logical block 0, async page read [ 632.175081][ T5812] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 632.222977][ T5812] Buffer I/O error on dev nbd0, logical block 0, async page read [ 632.267858][ T5812] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 632.319471][ T5812] Buffer I/O error on dev nbd0, logical block 0, async page read [ 632.353039][ T5812] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 632.400058][ T5812] Buffer I/O error on dev nbd0, logical block 0, async page read [ 632.453193][ T5812] ldm_validate_partition_table(): Disk read failed. [ 632.495861][ T5812] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 632.547358][ T5812] Buffer I/O error on dev nbd0, logical block 0, async page read [ 632.590208][ T5812] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 632.645437][ T5812] Buffer I/O error on dev nbd0, logical block 0, async page read [ 632.694071][ T5812] Dev nbd0: unable to read RDB block 0 [ 632.738573][ T5812] nbd0: unable to read partition table [ 632.769956][ T5812] ldm_validate_partition_table(): Disk read failed. [ 632.808598][ T5812] Dev nbd0: unable to read RDB block 0 [ 632.830568][T17704] __vm_enough_memory: pid: 17704, comm: syz.3.3367, bytes: 4398046511104 not enough memory for the allocation [ 632.850394][ T5812] nbd0: unable to read partition table [ 633.333985][T17708] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3368'. [ 633.625776][T17713] nbd0: detected capacity change from 1649267441664 to 422212465065984 [ 633.700865][ T5812] ldm_validate_partition_table(): Disk read failed. [ 633.736211][ T5812] Dev nbd0: unable to read RDB block 0 [ 633.766309][ T5812] nbd0: unable to read partition table [ 633.796850][ T5812] ldm_validate_partition_table(): Disk read failed. [ 633.833160][ T5812] Dev nbd0: unable to read RDB block 0 [ 633.882727][ T5812] nbd0: unable to read partition table [ 633.920391][ T29] audit: type=1800 audit(4294968372.889:30): pid=17721 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3372" name="SYSV00000014" dev="hugetlbfs" ino=0 res=0 errno=0 [ 635.608978][T17789] nbd0: detected capacity change from 422212465065984 to 0 [ 636.011204][T17799] FAULT_INJECTION: forcing a failure. [ 636.011204][T17799] name failslab, interval 1, probability 0, space 0, times 0 [ 636.070388][T17799] CPU: 0 UID: 0 PID: 17799 Comm: syz.4.3386 Tainted: G L syzkaller #0 PREEMPT(full) [ 636.070415][T17799] Tainted: [L]=SOFTLOCKUP [ 636.070421][T17799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 636.070431][T17799] Call Trace: [ 636.070437][T17799] [ 636.070443][T17799] dump_stack_lvl+0x100/0x190 [ 636.070471][T17799] should_fail_ex.cold+0x5/0xa [ 636.070490][T17799] should_failslab+0xc2/0x120 [ 636.070506][T17799] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 636.070529][T17799] ? kvasprintf_const+0x66/0x1a0 [ 636.070557][T17799] kvasprintf+0xbc/0x150 [ 636.070579][T17799] ? __pfx_kvasprintf+0x10/0x10 [ 636.070603][T17799] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 636.070627][T17799] ? lockdep_init_map_type+0x5c/0x250 [ 636.070650][T17799] kvasprintf_const+0x66/0x1a0 [ 636.070673][T17799] kobject_set_name_vargs+0x5a/0x140 [ 636.070694][T17799] device_create_groups_vargs+0x1b1/0x270 [ 636.070722][T17799] device_create+0xed/0x130 [ 636.070745][T17799] ? __pfx_device_create+0x10/0x10 [ 636.070767][T17799] ? lockdep_init_map_type+0x5c/0x250 [ 636.070787][T17799] ? timer_init_key+0x150/0x340 [ 636.070805][T17799] ? ieee80211_roc_setup+0x136/0x270 [ 636.070829][T17799] ? ieee80211_alloc_hw_nm+0x19c3/0x22a0 [ 636.070851][T17799] mac80211_hwsim_new_radio+0x37f/0x57d0 [ 636.070880][T17799] ? __asan_memset+0x23/0x50 [ 636.070899][T17799] ? __nla_validate_parse+0x1e7/0x28b0 [ 636.070917][T17799] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 636.070943][T17799] hwsim_new_radio_nl+0xc1f/0x1340 [ 636.070964][T17799] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 636.070989][T17799] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 636.071010][T17799] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 636.071036][T17799] genl_family_rcv_msg_doit+0x214/0x300 [ 636.071059][T17799] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 636.071079][T17799] ? genl_get_cmd+0x3ef/0x720 [ 636.071103][T17799] ? bpf_lsm_capable+0x9/0x10 [ 636.071118][T17799] ? security_capable+0x80/0x260 [ 636.071137][T17799] ? ns_capable+0xd2/0xf0 [ 636.071153][T17799] genl_rcv_msg+0x560/0x800 [ 636.071176][T17799] ? __pfx_genl_rcv_msg+0x10/0x10 [ 636.071197][T17799] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 636.071222][T17799] netlink_rcv_skb+0x159/0x420 [ 636.071240][T17799] ? __pfx_genl_rcv_msg+0x10/0x10 [ 636.071261][T17799] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 636.071295][T17799] ? netlink_deliver_tap+0x1ae/0xcc0 [ 636.071317][T17799] genl_rcv+0x28/0x40 [ 636.071335][T17799] netlink_unicast+0x5aa/0x870 [ 636.071357][T17799] ? __pfx_netlink_unicast+0x10/0x10 [ 636.071386][T17799] netlink_sendmsg+0x8b0/0xda0 [ 636.071408][T17799] ? __pfx_netlink_sendmsg+0x10/0x10 [ 636.071425][T17799] ? __import_iovec+0x1d2/0x640 [ 636.071449][T17799] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 636.071472][T17799] ____sys_sendmsg+0xa54/0xc30 [ 636.071495][T17799] ? __pfx_____sys_sendmsg+0x10/0x10 [ 636.071520][T17799] ? __pfx_futex_wake_mark+0x10/0x10 [ 636.071545][T17799] ___sys_sendmsg+0x190/0x1e0 [ 636.071567][T17799] ? __pfx____sys_sendmsg+0x10/0x10 [ 636.071612][T17799] __sys_sendmsg+0x170/0x220 [ 636.071630][T17799] ? __pfx___sys_sendmsg+0x10/0x10 [ 636.071646][T17799] ? __x64_sys_futex+0x34f/0x4d0 [ 636.071676][T17799] do_syscall_64+0x106/0xf80 [ 636.071692][T17799] ? clear_bhb_loop+0x40/0x90 [ 636.071711][T17799] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 636.071726][T17799] RIP: 0033:0x7f367519c629 [ 636.071741][T17799] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 636.071756][T17799] RSP: 002b:00007f36733f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 636.071773][T17799] RAX: ffffffffffffffda RBX: 00007f3675415fa0 RCX: 00007f367519c629 [ 636.071783][T17799] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 636.071793][T17799] RBP: 00007f3675232b39 R08: 0000000000000000 R09: 0000000000000000 [ 636.071803][T17799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 636.071812][T17799] R13: 00007f3675416038 R14: 00007f3675415fa0 R15: 00007fff4c006db8 [ 636.071833][T17799] [ 636.966290][T17804] [ 636.968633][T17804] ====================================================== [ 636.975628][T17804] WARNING: possible circular locking dependency detected [ 636.982621][T17804] syzkaller #0 Tainted: G L [ 636.988572][T17804] ------------------------------------------------------ [ 636.995563][T17804] syz.3.3387/17804 is trying to acquire lock: [ 637.001602][T17804] ffffffff8e9aaf80 (fs_reclaim){+.+.}-{0:0}, at: prepare_alloc_pages+0x166/0x5f0 [ 637.010716][T17804] [ 637.010716][T17804] but task is already holding lock: [ 637.018056][T17804] ffff88807ad4b440 (&mm->mmap_lock){++++}-{4:4}, at: lock_mm_and_find_vma+0x35/0x6f0 [ 637.027514][T17804] [ 637.027514][T17804] which lock already depends on the new lock. [ 637.027514][T17804] [ 637.037889][T17804] [ 637.037889][T17804] the existing dependency chain (in reverse order) is: [ 637.046878][T17804] [ 637.046878][T17804] -> #7 (&mm->mmap_lock){++++}-{4:4}: [ 637.054411][T17804] __might_fault+0xde/0x140 [ 637.059426][T17804] _copy_from_user+0x29/0xd0 [ 637.064522][T17804] do_ip_setsockopt+0x2363/0x3200 [ 637.070050][T17804] ip_setsockopt+0x5a/0xf0 [ 637.074978][T17804] ipv6_setsockopt+0x155/0x170 [ 637.080244][T17804] tcp_setsockopt+0xa7/0x100 [ 637.085339][T17804] smc_setsockopt+0x1b6/0xa10 [ 637.090521][T17804] do_sock_setsockopt+0xf3/0x1d0 [ 637.095963][T17804] __sys_setsockopt+0x119/0x190 [ 637.101311][T17804] __x64_sys_setsockopt+0xbd/0x160 [ 637.106921][T17804] do_syscall_64+0x106/0xf80 [ 637.112012][T17804] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.118405][T17804] [ 637.118405][T17804] -> #6 (k-sk_lock-AF_INET6){+.+.}-{0:0}: [ 637.126284][T17804] lock_sock_nested+0x41/0xf0 [ 637.131459][T17804] inet_shutdown+0x67/0x410 [ 637.136464][T17804] nbd_mark_nsock_dead+0xae/0x5c0 [ 637.141989][T17804] sock_shutdown+0x16b/0x200 [ 637.147080][T17804] nbd_config_put+0x1eb/0x750 [ 637.152351][T17804] nbd_release+0xb7/0x190 [ 637.157184][T17804] blkdev_put_whole+0xb0/0xf0 [ 637.162374][T17804] bdev_release+0x47f/0x6d0 [ 637.167378][T17804] blkdev_release+0x15/0x20 [ 637.172382][T17804] __fput+0x3ff/0xb40 [ 637.176864][T17804] task_work_run+0x150/0x240 [ 637.181958][T17804] exit_to_user_mode_loop+0x100/0x4a0 [ 637.187835][T17804] do_syscall_64+0x668/0xf80 [ 637.192925][T17804] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.199318][T17804] [ 637.199318][T17804] -> #5 (&nsock->tx_lock){+.+.}-{4:4}: [ 637.206938][T17804] __mutex_lock+0x1a2/0x1b90 [ 637.212029][T17804] nbd_queue_rq+0x428/0x1080 [ 637.217124][T17804] blk_mq_dispatch_rq_list+0x422/0x1e70 [ 637.223175][T17804] __blk_mq_sched_dispatch_requests+0xcea/0x1620 [ 637.230005][T17804] blk_mq_sched_dispatch_requests+0xd7/0x1c0 [ 637.236485][T17804] blk_mq_run_hw_queue+0x23c/0x670 [ 637.242092][T17804] blk_mq_dispatch_list+0x51d/0x1360 [ 637.247875][T17804] blk_mq_flush_plug_list+0x130/0x600 [ 637.253748][T17804] __blk_flush_plug+0x2c4/0x4b0 [ 637.259095][T17804] __submit_bio+0x584/0x6c0 [ 637.264095][T17804] submit_bio_noacct_nocheck+0x562/0xc10 [ 637.270227][T17804] submit_bio_noacct+0xd17/0x2010 [ 637.275751][T17804] submit_bh_wbc+0x59c/0x770 [ 637.280850][T17804] block_read_full_folio+0x4c8/0x8e0 [ 637.286637][T17804] filemap_read_folio+0xfc/0x3b0 [ 637.292084][T17804] do_read_cache_folio+0x2d7/0x6b0 [ 637.297701][T17804] read_part_sector+0xd1/0x370 [ 637.302963][T17804] adfspart_check_ICS+0x93/0x910 [ 637.308406][T17804] bdev_disk_changed+0x7f8/0xc80 [ 637.313850][T17804] blkdev_get_whole+0x187/0x290 [ 637.319214][T17804] bdev_open+0x2c7/0xe40 [ 637.323961][T17804] blkdev_open+0x34e/0x4f0 [ 637.328877][T17804] do_dentry_open+0x6d8/0x1660 [ 637.334149][T17804] vfs_open+0x82/0x3f0 [ 637.338719][T17804] path_openat+0x208c/0x31a0 [ 637.343806][T17804] do_file_open+0x20e/0x430 [ 637.348807][T17804] do_sys_openat2+0x10d/0x1e0 [ 637.353986][T17804] __x64_sys_openat+0x12d/0x210 [ 637.359338][T17804] do_syscall_64+0x106/0xf80 [ 637.364428][T17804] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.370823][T17804] [ 637.370823][T17804] -> #4 (&cmd->lock){+.+.}-{4:4}: [ 637.378010][T17804] __mutex_lock+0x1a2/0x1b90 [ 637.383103][T17804] nbd_queue_rq+0xba/0x1080 [ 637.388113][T17804] blk_mq_dispatch_rq_list+0x422/0x1e70 [ 637.394167][T17804] __blk_mq_sched_dispatch_requests+0xcea/0x1620 [ 637.400997][T17804] blk_mq_sched_dispatch_requests+0xd7/0x1c0 [ 637.407486][T17804] blk_mq_run_hw_queue+0x23c/0x670 [ 637.413103][T17804] blk_mq_dispatch_list+0x51d/0x1360 [ 637.418891][T17804] blk_mq_flush_plug_list+0x130/0x600 [ 637.424767][T17804] __blk_flush_plug+0x2c4/0x4b0 [ 637.430120][T17804] __submit_bio+0x584/0x6c0 [ 637.435121][T17804] submit_bio_noacct_nocheck+0x562/0xc10 [ 637.441256][T17804] submit_bio_noacct+0xd17/0x2010 [ 637.446784][T17804] submit_bh_wbc+0x59c/0x770 [ 637.451883][T17804] block_read_full_folio+0x4c8/0x8e0 [ 637.457685][T17804] filemap_read_folio+0xfc/0x3b0 [ 637.463125][T17804] do_read_cache_folio+0x2d7/0x6b0 [ 637.468745][T17804] read_part_sector+0xd1/0x370 [ 637.474009][T17804] adfspart_check_ICS+0x93/0x910 [ 637.479443][T17804] bdev_disk_changed+0x7f8/0xc80 [ 637.484887][T17804] blkdev_get_whole+0x187/0x290 [ 637.490241][T17804] bdev_open+0x2c7/0xe40 [ 637.494983][T17804] blkdev_open+0x34e/0x4f0 [ 637.499902][T17804] do_dentry_open+0x6d8/0x1660 [ 637.505177][T17804] vfs_open+0x82/0x3f0 [ 637.509746][T17804] path_openat+0x208c/0x31a0 [ 637.514835][T17804] do_file_open+0x20e/0x430 [ 637.519838][T17804] do_sys_openat2+0x10d/0x1e0 [ 637.525017][T17804] __x64_sys_openat+0x12d/0x210 [ 637.530376][T17804] do_syscall_64+0x106/0xf80 [ 637.535468][T17804] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.541863][T17804] [ 637.541863][T17804] -> #3 (set->srcu){.+.+}-{0:0}: [ 637.548966][T17804] __synchronize_srcu+0xa1/0x2a0 [ 637.554406][T17804] blk_mq_quiesce_queue+0x149/0x1c0 [ 637.560112][T17804] elevator_switch+0x17b/0x7e0 [ 637.565385][T17804] elevator_change+0x352/0x530 [ 637.570655][T17804] elevator_set_default+0x29e/0x360 [ 637.576350][T17804] blk_register_queue+0x412/0x590 [ 637.581878][T17804] __add_disk+0x73f/0xe40 [ 637.586710][T17804] add_disk_fwnode+0x118/0x5c0 [ 637.591973][T17804] nbd_dev_add+0x77a/0xb10 [ 637.596895][T17804] nbd_init+0x291/0x2b0 [ 637.601549][T17804] do_one_initcall+0x11d/0x760 [ 637.606811][T17804] kernel_init_freeable+0x6e5/0x7a0 [ 637.612510][T17804] kernel_init+0x1f/0x1e0 [ 637.617344][T17804] ret_from_fork+0x754/0xd80 [ 637.622438][T17804] ret_from_fork_asm+0x1a/0x30 [ 637.627700][T17804] [ 637.627700][T17804] -> #2 (&q->elevator_lock){+.+.}-{4:4}: [ 637.635492][T17804] __mutex_lock+0x1a2/0x1b90 [ 637.640583][T17804] queue_requests_store+0x38b/0x660 [ 637.646282][T17804] queue_attr_store+0x25f/0x2f0 [ 637.651636][T17804] sysfs_kf_write+0xf2/0x150 [ 637.656725][T17804] kernfs_fop_write_iter+0x3e0/0x5f0 [ 637.662506][T17804] vfs_write+0x6ac/0x1070 [ 637.667342][T17804] __x64_sys_pwrite64+0x1eb/0x250 [ 637.672873][T17804] do_syscall_64+0x106/0xf80 [ 637.677963][T17804] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.684353][T17804] [ 637.684353][T17804] -> #1 (&q->q_usage_counter(io)#26){++++}-{0:0}: [ 637.692934][T17804] blk_alloc_queue+0x610/0x790 [ 637.698198][T17804] blk_mq_alloc_queue+0x174/0x290 [ 637.703725][T17804] __blk_mq_alloc_disk+0x29/0x120 [ 637.709250][T17804] loop_add+0x498/0xb60 [ 637.713903][T17804] loop_init+0x1d3/0x200 [ 637.718648][T17804] do_one_initcall+0x11d/0x760 [ 637.723912][T17804] kernel_init_freeable+0x6e5/0x7a0 [ 637.729611][T17804] kernel_init+0x1f/0x1e0 [ 637.734441][T17804] ret_from_fork+0x754/0xd80 [ 637.739536][T17804] ret_from_fork_asm+0x1a/0x30 [ 637.744800][T17804] [ 637.744800][T17804] -> #0 (fs_reclaim){+.+.}-{0:0}: [ 637.751986][T17804] __lock_acquire+0x14b8/0x2630 [ 637.757337][T17804] lock_acquire+0x1cf/0x380 [ 637.762339][T17804] fs_reclaim_acquire+0xc4/0x100 [ 637.767775][T17804] prepare_alloc_pages+0x166/0x5f0 [ 637.773384][T17804] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 637.779783][T17804] alloc_pages_mpol+0x1fb/0x550 [ 637.785129][T17804] alloc_pages_noprof+0x131/0x390 [ 637.790654][T17804] __pmd_alloc+0x3b/0x9c0 [ 637.795484][T17804] __handle_mm_fault+0xa99/0x2b60 [ 637.801010][T17804] handle_mm_fault+0x36d/0xa20 [ 637.806276][T17804] do_user_addr_fault+0x74c/0x12f0 [ 637.811895][T17804] exc_page_fault+0x6f/0xd0 [ 637.816901][T17804] asm_exc_page_fault+0x26/0x30 [ 637.822252][T17804] rep_movs_alternative+0x30/0x90 [ 637.827781][T17804] _copy_from_user+0x98/0xd0 [ 637.832875][T17804] get_user_ifreq+0x77/0x1c0 [ 637.837968][T17804] br_ioctl_stub+0x23d/0x4d0 [ 637.843055][T17804] br_ioctl_call+0x53/0xa0 [ 637.847975][T17804] sock_ioctl+0x616/0x6b0 [ 637.852806][T17804] __x64_sys_ioctl+0x18e/0x210 [ 637.858072][T17804] do_syscall_64+0x106/0xf80 [ 637.863159][T17804] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.869549][T17804] [ 637.869549][T17804] other info that might help us debug this: [ 637.869549][T17804] [ 637.879747][T17804] Chain exists of: [ 637.879747][T17804] fs_reclaim --> k-sk_lock-AF_INET6 --> &mm->mmap_lock [ 637.879747][T17804] [ 637.892500][T17804] Possible unsafe locking scenario: [ 637.892500][T17804] [ 637.899925][T17804] CPU0 CPU1 [ 637.905265][T17804] ---- ---- [ 637.910601][T17804] rlock(&mm->mmap_lock); [ 637.914993][T17804] lock(k-sk_lock-AF_INET6); [ 637.922165][T17804] lock(&mm->mmap_lock); [ 637.928988][T17804] lock(fs_reclaim); [ 637.932944][T17804] [ 637.932944][T17804] *** DEADLOCK *** [ 637.932944][T17804] [ 637.941062][T17804] 2 locks held by syz.3.3387/17804: [ 637.946231][T17804] #0: ffffffff905e2228 (br_ioctl_mutex){+.+.}-{4:4}, at: br_ioctl_call+0x34/0xa0 [ 637.955436][T17804] #1: ffff88807ad4b440 (&mm->mmap_lock){++++}-{4:4}, at: lock_mm_and_find_vma+0x35/0x6f0 [ 637.965330][T17804] [ 637.965330][T17804] stack backtrace: [ 637.971196][T17804] CPU: 0 UID: 0 PID: 17804 Comm: syz.3.3387 Tainted: G L syzkaller #0 PREEMPT(full) [ 637.971218][T17804] Tainted: [L]=SOFTLOCKUP [ 637.971224][T17804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 637.971234][T17804] Call Trace: [ 637.971241][T17804] [ 637.971248][T17804] dump_stack_lvl+0x100/0x190 [ 637.971269][T17804] print_circular_bug.cold+0x178/0x1c7 [ 637.971293][T17804] check_noncircular+0x146/0x160 [ 637.971311][T17804] ? __lock_acquire+0x4a5/0x2630 [ 637.971329][T17804] __lock_acquire+0x14b8/0x2630 [ 637.971349][T17804] lock_acquire+0x1cf/0x380 [ 637.971366][T17804] ? prepare_alloc_pages+0x166/0x5f0 [ 637.971383][T17804] ? find_held_lock+0x2b/0x80 [ 637.971396][T17804] fs_reclaim_acquire+0xc4/0x100 [ 637.971410][T17804] ? prepare_alloc_pages+0x166/0x5f0 [ 637.971424][T17804] prepare_alloc_pages+0x166/0x5f0 [ 637.971439][T17804] ? is_bpf_text_address+0x94/0x1a0 [ 637.971461][T17804] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 637.971483][T17804] ? __lock_acquire+0x4a5/0x2630 [ 637.971501][T17804] ? __lock_acquire+0x4a5/0x2630 [ 637.971518][T17804] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 637.971540][T17804] ? __lock_acquire+0x4a5/0x2630 [ 637.971558][T17804] ? __lock_acquire+0x4a5/0x2630 [ 637.971577][T17804] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 637.971601][T17804] ? policy_nodemask+0xed/0x4f0 [ 637.971615][T17804] alloc_pages_mpol+0x1fb/0x550 [ 637.971628][T17804] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 637.971644][T17804] alloc_pages_noprof+0x131/0x390 [ 637.971658][T17804] __pmd_alloc+0x3b/0x9c0 [ 637.971674][T17804] __handle_mm_fault+0xa99/0x2b60 [ 637.971693][T17804] ? mt_find+0x45e/0x8e0 [ 637.971710][T17804] ? __pfx___handle_mm_fault+0x10/0x10 [ 637.971727][T17804] ? __pfx_mt_find+0x10/0x10 [ 637.971747][T17804] ? find_vma+0xbf/0x140 [ 637.971768][T17804] ? __pfx_find_vma+0x10/0x10 [ 637.971790][T17804] handle_mm_fault+0x36d/0xa20 [ 637.971809][T17804] do_user_addr_fault+0x74c/0x12f0 [ 637.971834][T17804] exc_page_fault+0x6f/0xd0 [ 637.971850][T17804] asm_exc_page_fault+0x26/0x30 [ 637.971864][T17804] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 637.971886][T17804] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 bd 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 637.971901][T17804] RSP: 0018:ffffc900044e7c18 EFLAGS: 00050202 [ 637.971912][T17804] RAX: 0000000000000001 RBX: 0000000000000008 RCX: 0000000000000028 [ 637.971922][T17804] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffc900044e7cd0 [ 637.971931][T17804] RBP: 0000000000000028 R08: 0000000000000001 R09: fffff5200089cf9e [ 637.971941][T17804] R10: ffffc900044e7cf7 R11: 0000000000000001 R12: 0000000000000000 [ 637.971950][T17804] R13: ffffc900044e7cd0 R14: ffffc900044e7cd0 R15: 0000000000000000 [ 637.971964][T17804] _copy_from_user+0x98/0xd0 [ 637.971986][T17804] get_user_ifreq+0x77/0x1c0 [ 637.972003][T17804] br_ioctl_stub+0x23d/0x4d0 [ 637.972019][T17804] ? __pfx_br_ioctl_stub+0x10/0x10 [ 637.972036][T17804] ? do_vfs_ioctl+0x226/0x13e0 [ 637.972056][T17804] ? __pfx_br_ioctl_stub+0x10/0x10 [ 637.972071][T17804] br_ioctl_call+0x53/0xa0 [ 637.972091][T17804] sock_ioctl+0x616/0x6b0 [ 637.972111][T17804] ? __pfx_sock_ioctl+0x10/0x10 [ 637.972135][T17804] ? hook_file_ioctl_common+0x146/0x410 [ 637.972158][T17804] ? __fget_files+0x21f/0x3d0 [ 637.972181][T17804] ? __pfx_sock_ioctl+0x10/0x10 [ 637.972201][T17804] __x64_sys_ioctl+0x18e/0x210 [ 637.972220][T17804] do_syscall_64+0x106/0xf80 [ 637.972235][T17804] ? clear_bhb_loop+0x40/0x90 [ 637.972251][T17804] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.972266][T17804] RIP: 0033:0x7f9f4239c629 [ 637.972280][T17804] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 637.972294][T17804] RSP: 002b:00007f9f432ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 637.972307][T17804] RAX: ffffffffffffffda RBX: 00007f9f42616180 RCX: 00007f9f4239c629 [ 637.972317][T17804] RDX: 0000000000000008 RSI: 00000000000089a2 RDI: 0000000000000003 [ 637.972326][T17804] RBP: 00007f9f42432b39 R08: 0000000000000000 R09: 0000000000000000 [ 637.972335][T17804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 637.972344][T17804] R13: 00007f9f42616218 R14: 00007f9f42616180 R15: 00007ffd31101248 [ 637.972358][T17804] [ 638.735847][T17797] FAULT_INJECTION: forcing a failure. [ 638.735847][T17797] name failslab, interval 1, probability 0, space 0, times 0 [ 638.748535][T17797] CPU: 0 UID: 0 PID: 17797 Comm: syz.1.3385 Tainted: G L syzkaller #0 PREEMPT(full) [ 638.748561][T17797] Tainted: [L]=SOFTLOCKUP [ 638.748566][T17797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 638.748576][T17797] Call Trace: [ 638.748582][T17797] [ 638.748588][T17797] dump_stack_lvl+0x100/0x190 [ 638.748613][T17797] should_fail_ex.cold+0x5/0xa [ 638.748628][T17797] ? __kmalloc_node_track_caller_noprof+0xbd/0x850 [ 638.748652][T17797] should_failslab+0xc2/0x120 [ 638.748666][T17797] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 638.748689][T17797] ? kasprintf+0xc7/0x100 [ 638.748702][T17797] ? do_raw_spin_lock+0x110/0x260 [ 638.748729][T17797] kvasprintf+0xbc/0x150 [ 638.748756][T17797] ? __pfx_kvasprintf+0x10/0x10 [ 638.748778][T17797] ? trace_irq_enable.constprop.0+0x13c/0x180 [ 638.748797][T17797] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 638.748816][T17797] kasprintf+0xc7/0x100 [ 638.748828][T17797] ? __pfx_kasprintf+0x10/0x10 [ 638.748853][T17797] ieee80211_alloc_led_names+0x243/0x420 [ 638.748873][T17797] ieee80211_alloc_hw_nm+0x1934/0x22a0 [ 638.748893][T17797] mac80211_hwsim_new_radio+0x1e1/0x57d0 [ 638.748916][T17797] ? __asan_memset+0x23/0x50 [ 638.748934][T17797] ? __nla_validate_parse+0x1e7/0x28b0 [ 638.748952][T17797] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 638.748974][T17797] hwsim_new_radio_nl+0xc1f/0x1340 [ 638.748993][T17797] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 638.749013][T17797] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 638.749035][T17797] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 638.749065][T17797] genl_family_rcv_msg_doit+0x214/0x300 [ 638.749086][T17797] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 638.749106][T17797] ? genl_get_cmd+0x3ef/0x720 [ 638.749126][T17797] ? bpf_lsm_capable+0x9/0x10 [ 638.749141][T17797] ? security_capable+0x80/0x260 [ 638.749159][T17797] ? ns_capable+0xd2/0xf0 [ 638.749173][T17797] genl_rcv_msg+0x560/0x800 [ 638.749192][T17797] ? __pfx_genl_rcv_msg+0x10/0x10 [ 638.749211][T17797] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 638.749232][T17797] netlink_rcv_skb+0x159/0x420 [ 638.749249][T17797] ? __pfx_genl_rcv_msg+0x10/0x10 [ 638.749268][T17797] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 638.749288][T17797] ? netlink_deliver_tap+0x1ae/0xcc0 [ 638.749305][T17797] genl_rcv+0x28/0x40 [ 638.749322][T17797] netlink_unicast+0x5aa/0x870 [ 638.749339][T17797] ? __pfx_netlink_unicast+0x10/0x10 [ 638.749359][T17797] netlink_sendmsg+0x8b0/0xda0 [ 638.749377][T17797] ? __pfx_netlink_sendmsg+0x10/0x10 [ 638.749393][T17797] ? __import_iovec+0x1d2/0x640 [ 638.749416][T17797] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 638.749435][T17797] ____sys_sendmsg+0xa54/0xc30 [ 638.749455][T17797] ? __pfx_____sys_sendmsg+0x10/0x10 [ 638.749475][T17797] ? __pfx_futex_wake_mark+0x10/0x10 [ 638.749497][T17797] ___sys_sendmsg+0x190/0x1e0 [ 638.749518][T17797] ? __pfx____sys_sendmsg+0x10/0x10 [ 638.749547][T17797] __sys_sendmsg+0x170/0x220 [ 638.749563][T17797] ? __pfx___sys_sendmsg+0x10/0x10 [ 638.749578][T17797] ? __x64_sys_futex+0x34f/0x4d0 [ 638.749600][T17797] do_syscall_64+0x106/0xf80 [ 638.749616][T17797] ? clear_bhb_loop+0x40/0x90 [ 638.749633][T17797] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 638.749648][T17797] RIP: 0033:0x7fe0af79c629 [ 638.749661][T17797] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 638.749676][T17797] RSP: 002b:00007fe0b059c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 638.749691][T17797] RAX: ffffffffffffffda RBX: 00007fe0afa15fa0 RCX: 00007fe0af79c629 [ 638.749702][T17797] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 638.749711][T17797] RBP: 00007fe0af832b39 R08: 0000000000000000 R09: 0000000000000000 [ 638.749721][T17797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 638.749730][T17797] R13: 00007fe0afa16038 R14: 00007fe0afa15fa0 R15: 00007ffc5ab3d3a8 [ 638.749745][T17797] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 639.647934][T17797] ieee80211 phy48: Selected rate control algorithm 'minstrel_ht' [ 640.125274][T17747] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 640.174304][T17747] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 640.214003][T17747] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 640.263751][T17747] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 640.378080][T17747] bridge_slave_0: left allmulticast mode [ 640.399713][T17747] bridge_slave_0: left promiscuous mode [ 640.432066][T17747] bridge0: port 1(bridge_slave_0) entered disabled state [ 640.603649][T17747] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 640.643341][T17747] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 640.682306][T17747] bond0 (unregistering): Released all slaves [ 640.868415][T17747] hsr_slave_0: left promiscuous mode [ 640.883850][T17747] hsr_slave_1: left promiscuous mode [ 640.899623][T17747] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 640.920697][T17747] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 640.942492][T17747] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 640.949851][T17747] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 640.985049][T17747] veth1_macvtap: left promiscuous mode [ 640.990506][T17747] veth0_macvtap: left promiscuous mode [ 641.000701][T17747] veth1_vlan: left promiscuous mode [ 641.022496][T17747] veth0_vlan: left promiscuous mode [ 641.190559][T17747] team0 (unregistering): Port device team_slave_1 removed [ 641.210967][T17747] team0 (unregistering): Port device team_slave_0 removed [ 641.381357][T17747] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 641.425104][T17747] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 641.465240][T17747] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 641.517417][T17747] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 641.609029][T17747] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 641.656243][T17747] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 641.706286][T17747] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 641.745949][T17747] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 641.821183][T17747] bridge_slave_1: left allmulticast mode [ 641.845126][T17747] bridge_slave_1: left promiscuous mode [ 641.850754][T17747] bridge0: port 2(bridge_slave_1) entered disabled state [ 641.871376][T17747] bridge_slave_0: left allmulticast mode [ 641.893612][T17747] bridge_slave_0: left promiscuous mode [ 641.899227][T17747] bridge0: port 1(bridge_slave_0) entered disabled state [ 641.934171][T17747] bond0: left allmulticast mode [ 641.939021][T17747] bond_slave_0: left allmulticast mode [ 641.953589][T17747] bond_slave_1: left allmulticast mode [ 641.959047][T17747] bond0: left promiscuous mode [ 641.982078][T17747] bond_slave_0: left promiscuous mode [ 641.987519][T17747] bond_slave_1: left promiscuous mode [ 642.004281][T17747] bridge0: port 3(bond0) entered disabled state [ 642.011355][T17747] bridge_slave_1: left allmulticast mode [ 642.017455][T17747] bridge_slave_1: left promiscuous mode [ 642.023578][T17747] bridge0: port 2(bridge_slave_1) entered disabled state [ 642.031512][T17747] bridge_slave_0: left allmulticast mode [ 642.038634][T17747] bridge_slave_0: left promiscuous mode [ 642.044794][T17747] bridge0: port 1(bridge_slave_0) entered disabled state [ 642.105884][T17747] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 642.116501][T17747] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 642.126752][T17747] bond0 (unregistering): Released all slaves [ 642.159252][T17747] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 642.169953][T17747] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 642.180560][T17747] bond0 (unregistering): Released all slaves [ 642.560093][T17747] hsr_slave_0: left promiscuous mode [ 642.573661][T17747] hsr_slave_1: left promiscuous mode [ 642.588613][T17747] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 642.596733][T17747] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 642.605119][T17747] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 642.614162][T17747] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 642.622729][T17747] hsr_slave_0: left promiscuous mode [ 642.628245][T17747] hsr_slave_1: left promiscuous mode [ 642.634118][T17747] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 642.641469][T17747] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 642.650055][T17747] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 642.657720][T17747] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 642.668830][T17747] veth1_macvtap: left promiscuous mode [ 642.674417][T17747] veth0_macvtap: left promiscuous mode [ 642.679891][T17747] veth1_vlan: left promiscuous mode [ 642.685670][T17747] veth0_vlan: left promiscuous mode [ 642.691184][T17747] veth0_macvtap: left promiscuous mode [ 642.697011][T17747] veth1_vlan: left promiscuous mode [ 642.702205][T17747] veth0_vlan: left promiscuous mode [ 642.825985][T17747] team0 (unregistering): Port device team_slave_1 removed [ 642.839033][T17747] team0 (unregistering): Port device team_slave_0 removed [ 642.928852][T17747] team0 (unregistering): Port device team_slave_0 removed